CVE-2021-35587 — Oracle Fusion Middleware Unspecified Vulnerability
2022-11-28 • CISA Known Exploited Vulnerability
[event] Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Oracle |
| Product | Fusion Middleware |
| CWE | CWE-502, CWE-790 |
| CVE ID | CVE-2021-35587 |
| Date Added | 2022-11-28 |
| Due Date | 2022-12-19 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-12-19