Oracle.Identity.Manager.Default.Credentials
Description
This indicates an attack attempt against a Security Bypass Vulnerability in Oracle Identity Manager.
The vulnerability is due to hard coded default credential inside the vulnerable application. A remote attacker can exploit this to authenticate with the application to gain administrator level privileges on the target system.
Affected Products
Oracle Identity Manager 12.2.1.3
Oracle Identity Manager 11.1.2.3
Oracle Identity Manager 11.1.1.7
Impact
Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10151-4016513.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |