What is CVE-2017-10151?

CVE-2017-10151 is a critical-severity vulnerability in Oracle Identity_manager. CVSS score: 10.0/10. Published 2017-10-30.

How severe is CVE-2017-10151?

Critical severity. CVSS v3 base score is 10.0 out of 10.

Is CVE-2017-10151 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Oracle Identity_manager

CVE-2017-10151

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthent…

EPSS: 0.039 (89.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Oracle Identity_manager — versions 11.1.1.7, 11.1.1.9, 11.1.2.1.0
Oracle Corporation Identity Manager — versions 11.1.2.3, 12.2.1.3, 11.1.1.7

Public proof-of-concept exploits

References

secalert_us@oracle.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
secalert_us@oracle.com (x_refsource_CONFIRM, Patch)
secalert_us@oracle.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2017-10151?: CVE-2017-10151 is a critical-severity vulnerability in Oracle Identity_manager. CVSS score: 10.0/10. Published 2017-10-30.
How severe is CVE-2017-10151?: Critical severity. CVSS v3 base score is 10.0 out of 10.
Is CVE-2017-10151 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.