REDLEGG BLOG

Emergency Vulnerability Bulletin - 11/29/22

11/29/22 10:36 AM  |  by RedLegg Blog

Oracle Fusion Middleware Unspecified Vulnerability

Identifier: CVE-2022-35587

Exploit or POC: Yes (Actively Being Exploited)

Update: https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html

Description: CVE-2022-35587 allows Oracle Access Manger to be easily compromised. Authentication and user interaction is not required for successful exploitation. An attacker with network access via HTTP can employ a series of attacks to evoke an account takeover of the Oracle Access Manager.

Mitigation recommendation: Patching is currently the only method of mitigation

RedLegg Action: None at this time.

 

 

Get Blog Updates

Related Articles

Summoning Cyber Awareness: Exorcising the Malevolent Realm of Remote Monitoring and Management Tools threat intel, 96bravo

Summoning Cyber Awareness: Exorcising the Malevolent Realm of Remote Monitoring and Management Tools

EXECUTIVE SUMMARY RedLegg would like to recognize the efforts instituted by the Cybersecurity & Infrastructure ...
Top 8 Cyber Threat Maps To Track Cyber Attacks threat intel

Top 8 Cyber Threat Maps To Track Cyber Attacks

Critical Security Vulnerabilities Bulletin