Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle has released security updates to address a critical vulnerability impacting its Identity Manager and Web Services Manager products, which could be exploited to achieve remote code execution (RCE).

The vulnerability, tracked as CVE-2026-21992, carries a CVSS score of 9.8 out of a maximum of 10.0.

Details of the Vulnerability

According to Oracle’s advisory, this vulnerability is remotely exploitable without authentication. If successfully exploited, it may result in remote code execution.

Affected versions:

  • Oracle Identity Manager: 12.2.1.4.0 and 14.1.2.1.0
  • Oracle Web Services Manager: 12.2.1.4.0 and 14.1.2.1.0

The National Vulnerability Database (NVD) describes the flaw as


Original article: https://thehackernews.com/2026/03/oracle-patches-critical-cve-2026-21992.html