claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2025-61757-oracle-fusion-middleware.log

CVE-2025-61757 — Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability

2025-11-21 • CISA Known Exploited Vulnerability

[event] Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.

> AFFECTED SOFTWARE

Field Value
Vendor Oracle
Product Fusion Middleware
CWE CWE-306
CVE ID CVE-2025-61757
Date Added 2025-11-21
Due Date 2025-12-12
Ransomware Campaign Unknown

> MITIGATION

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due Date: 2025-12-12

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:07 UTC