What is the severity of CVE-2017-10151?

CVE-2017-10151 is considered a critical vulnerability that allows unauthenticated attackers to exploit the system remotely.

How do I fix CVE-2017-10151?

To remediate CVE-2017-10151, users should apply the latest security patches provided by Oracle for affected versions of Identity Manager.

What versions are affected by CVE-2017-10151?

CVE-2017-10151 affects Oracle Identity Manager versions 11.1.1.7, 11.1.2.3, and 12.2.1.3 among others.

Can CVE-2017-10151 be exploited remotely?

Yes, CVE-2017-10151 can be easily exploited by unauthenticated attackers with network access via HTTP.

What component of Oracle Fusion Middleware is affected by CVE-2017-10151?

CVE-2017-10151 specifically affects the Default Account component of Oracle Identity Manager in Oracle Fusion Middleware.

Vulnerability/
CVE-2017-10151

critical

30/10/2017

4/10/2024

CVE-2017-10151

First published: Mon Oct 30 2017(Updated: )

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager. While the vulnerability is in Oracle Identity Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle Identity Management Suite	=11.1.1.7
Oracle Identity Management Suite	=11.1.1.9
Oracle Identity Management Suite	=11.1.2.1.0
Oracle Identity Management Suite	=11.1.2.2.0
Oracle Identity Management Suite	=11.1.2.3
Oracle Identity Management Suite	=12.2.1.3

Remedy

http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10151-4016513.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-10151?
CVE-2017-10151 is considered a critical vulnerability that allows unauthenticated attackers to exploit the system remotely.
How do I fix CVE-2017-10151?
To remediate CVE-2017-10151, users should apply the latest security patches provided by Oracle for affected versions of Identity Manager.
What versions are affected by CVE-2017-10151?
CVE-2017-10151 affects Oracle Identity Manager versions 11.1.1.7, 11.1.2.3, and 12.2.1.3 among others.
Can CVE-2017-10151 be exploited remotely?
Yes, CVE-2017-10151 can be easily exploited by unauthenticated attackers with network access via HTTP.
What component of Oracle Fusion Middleware is affected by CVE-2017-10151?
CVE-2017-10151 specifically affects the Default Account component of Oracle Identity Manager in Oracle Fusion Middleware.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/remedy
agent/last-modified-date
agent/severity
agent/references
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/oracle
canonical/oracle identity management suite
version/oracle identity management suite/11.1.1.7
version/oracle identity management suite/11.1.1.9
version/oracle identity management suite/11.1.2.1.0
version/oracle identity management suite/11.1.2.2.0
version/oracle identity management suite/11.1.2.3
version/oracle identity management suite/12.2.1.3