all InfoSec news
Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)
Help Net Security www.helpnetsecurity.com
A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that has been fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog. About CVE-2021-35587 CVE-2021-35587 was discovered by security researchers “Jang” (Nguyen Jang) and “Peterjson” in late 2021 by accident, while “building PoC for another mega-0day.” The vulnerability is in the OpenSSO Agent … More →
The post …
auth cisa cve don't miss exploit fusion fusion middleware middleware oracle patch rce vulnerability vulnerability management