Oracle Identity Manager (OIM) enables enterprises to manage the entire user life-cycle across all enterprise resources both within and beyond a firewall.
Vulnerability exists in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). An unauthenticated attacker can compromise Oracle Identity Manager via HTTP.
Oracle Identity Manager (OIM) 184.108.40.206, 220.127.116.11, 18.104.22.168.0, 22.214.171.124.0, 126.96.36.199.0 and 188.8.131.52.0
QID Detection Logic:(unauthenticated)
This unauthenticated QID retrieves vulnerable installations of OIM by visiting certain webpages.
Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager.
For more information about this, go to the Oracle Security Alert Advisory.
As a workaround for this issue, change the password for the user OIMINTERNAL in the WebLogic admin console to a random string. The following steps can be used to change the password:
1) Log onto the Weblogic Admin console as a weblogic administrator
2) Select Domain
3) Select Security Realms
4) Select myrealm
5) Select tab Users and Groups
6) Select the OIMINTERNAL user
7) Select tab Passwords
8) Change the password