CVE-2017-10151 Oracle Identity Manager Accessible via Default Account Vulnerability

漏洞类别:CGI

漏洞等级:

漏洞信息

Oracle Identity Manager (OIM) enables enterprises to manage the entire user life-cycle across all enterprise resources both within and beyond a firewall.

Vulnerability exists in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). An unauthenticated attacker can compromise Oracle Identity Manager via HTTP.

Affected versions:
Oracle Identity Manager (OIM) 11.1.1.7, 11.1.1.9, 11.1.2.1.0, 11.1.2.2.0, 11.1.2.3.0 and 12.2.1.3.0

QID Detection Logic:(unauthenticated)
This unauthenticated QID retrieves vulnerable installations of OIM by visiting certain webpages.

漏洞危害

Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager.

解决方案

For more information about this, go to the Oracle Security Alert Advisory.

Workaround:
As a workaround for this issue, change the password for the user OIMINTERNAL in the WebLogic admin console to a random string. The following steps can be used to change the password:

1) Log onto the Weblogic Admin console as a weblogic administrator
2) Select Domain
3) Select Security Realms
4) Select myrealm
5) Select tab Users and Groups
6) Select the OIMINTERNAL user
7) Select tab Passwords
8) Change the password

Leave a Reply