Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-2457
CVE-2021-2457:
Oracle Identity Manager vulnerability analysis and mitigation
Overview
A vulnerability was identified in the Identity Manager component of Oracle Fusion Middleware, specifically in the Request Management & Workflow subsystem. The vulnerability affects versions 11.1.2.2.0, 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. This security issue was discovered by Devin Rosenbauer of Identity Works LLC and was addressed in Oracle's July 2021 Critical Patch Update (Oracle CPU Jul2021).
Technical details
The vulnerability is tracked as CVE-2021-2457 and affects the Request Management & Workflow component within Oracle Identity Manager. The issue was included in Oracle's July 2021 Critical Patch Update, which contained 342 new security patches across various Oracle product families (Oracle CPU Jul2021).
Mitigation and workarounds
Oracle has released patches to address this vulnerability as part of their July 2021 Critical Patch Update. Oracle strongly recommends that customers apply Critical Patch Update security patches as soon as possible to address this and other vulnerabilities (Oracle CPU Jul2021).
Additional resources
Source: This report was generated using AI
Related Oracle Identity Manager vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management