Vulnerability in Oracle Access Manager Affects Oracle Fusion Middleware
CVE-2015-4912

Currently unrated

Key Information:

Vendor: Oracle
Status: Fusion Middleware
Vendor: CVE Published:; 22 October 2015

Summary

An unspecified vulnerability exists in the Oracle Access Manager component of Oracle Fusion Middleware that may allow remote attackers to compromise the confidentiality of sensitive data. This can be exploited through vectors related to the Single Sign-On (SSO) Engine, potentially exposing user credentials and access tokens, which could lead to unauthorized access to protected resources.

References

http://www.oracle.com/technetwork/topics/security/cpuoct2...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033898

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 22, 2015
Vulnerability Reserved
Jun 24, 2015