CVE-2021-2457 – Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Requ …

Vuln ID: CVE-2021-2457

Published:  2021-07-21  00:15:15Z

Description: Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Request Management & Workflow). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Identity Manager accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Source: NVD.NIST.GOV