Oracle Fusion Middleware Identity Manager Connector Vulnerability
CVE-2026-35294
9.9CRITICAL
What is CVE-2026-35294?
An access control vulnerability exists in the Identity Manager Connector component of Oracle Fusion Middleware. This flaw enables low-privileged attackers to exploit the Connector via HTTP, potentially compromising it. While the vulnerability is specific to the Identity Manager Connector, successful exploitation could lead to significant impacts on other connected systems, making it imperative for users to secure their installations. The vulnerability affects specific versions: 12.2.1.4.0 and 14.1.2.1.0, necessitating immediate attention from users to reinforce their security measures.
Affected Version(s)
Identity Manager Connector 12.2.1.4.0
Identity Manager Connector 14.1.2.1.0