Oracle Access Manager CVE-2018-2879 Remote Security Vulnerability
BID:103788
CVE-2018-2879 |Info
Oracle Access Manager CVE-2018-2879 Remote Security Vulnerability
| Bugtraq ID: | 103788 |
| Class: | Unknown |
| CVE: |
CVE-2018-2879 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 17 2018 12:00AM |
| Updated: | Apr 17 2018 12:00AM |
| Credit: | Wolfgang Ettlinger of SEC Consult Vulnerability Lab |
| Vulnerable: |
Oracle Access Manager 12.2.1.3.0 Oracle Access Manager 11.1.2.3.0 |
| Not Vulnerable: | |
Discussion
Oracle Access Manager CVE-2018-2879 Remote Security Vulnerability
Oracle Access Manager is prone to a remote security vulnerability.
The vulnerability can be exploited over the 'HTTP' protocol. The 'Authentication Engine' component is affected.
This vulnerability affects the following supported versions:
11.1.2.3.0, 12.2.1.3.0
Oracle Access Manager is prone to a remote security vulnerability.
The vulnerability can be exploited over the 'HTTP' protocol. The 'Authentication Engine' component is affected.
This vulnerability affects the following supported versions:
11.1.2.3.0, 12.2.1.3.0
Exploit / POC
Oracle Access Manager CVE-2018-2879 Remote Security Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Oracle Access Manager CVE-2018-2879 Remote Security Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Oracle Access Manager CVE-2018-2879 Remote Security Vulnerability
References:
References:
- Oracle Homepage (Oracle)
- Oracle Critical Patch Update Advisory - April 2018 (Oracle)