HTTP: Oracle Access Manager OpenSSO Agent Insecure Deserialization
This signature detects attempts to exploit a known vulnerability against Oracle Access Manager. A successful attack can lead to arbitrary code execution.
Extended Description
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Affected Products
Oracle access_manager
References
CVE: CVE-2021-35587
URL: https://www.oracle.com/security-alerts/cpujan2022.html#AppendixFMW
Short Name
HTTP:ORACLE:OPNSSO-INSEC-DSRLZ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Access Agent CVE-2021-35587 Deserialization Insecure Manager OpenSSO Oracle
Release Date
04/04/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3599
False Positive
Unknown
Vendors
Oracle