Denial of Service Vulnerability in Oracle Identity Manager Connector by Oracle
CVE-2026-34290

7.5HIGH

Key Information:

Vendor: Oracle
Status: Oracle Identity Manager Connector
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34290?

The Oracle Identity Manager Connector is vulnerable to a Denial of Service (DoS) attack, allowing an unauthenticated attacker with network access to cause significant disruptions. This vulnerability is present in the Oracle Fusion Middleware component and affects version 12.2.1.4.0. Exploitation can lead to the potential for frequent crashes or system hangs, thereby compromising the availability of the Oracle Identity Manager Connector. Organizations utilizing this product are advised to take immediate precautions to mitigate potential risks.

Affected Version(s)

Oracle Identity Manager Connector 12.2.1.4.0

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34290 Data

JSON