Threat Watch

CISA Adds Oracle Access Manager Exploit to Known Exploited Vulnerabilities Catalog

On Monday the United States Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2021-35587, a critical-severity flaw in Oracle Fusion Middleware, to their Known Exploited Vulnerabilities catalog. The vulnerability affects Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0, and CISA reports evidence of active exploitation. This CVE was first published in January 2022, and was addressed that month via a critical patch.

ANALYST NOTES

A proof-of-concept (PoC) has existed as early as March 2022, so companies running vulnerable versions of OAM should patch as soon as their patch management program allows. Additionally, since the exploit has existed for so long, it is reasonable to assume active exploitation has been taking place since then, and all vulnerable OAM systems should be treated as such.

https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html