Patching Oracle Fusion Middleware Vulnerability (CVE-2021-35587)

Brenda Gratas May 19, 2022

Security vulnerabilities are a significant threat to organizations' systems and data in today's digital landscape. The discovery of CVE-2021-35587 in Oracle Fusion Middleware's OpenSSO Agent component of the Oracle Access Manager product is a glaring example of such vulnerabilities.

This security flaw, which is easily exploitable by attackers, can lead to a complete loss of confidentiality, integrity, and availability of the affected system and its data. In response to this threat, Oracle has released a patch to address the vulnerability in its supported versions of the software. However, the onus is on users to update their software to the latest version and protect their systems from potential breaches.

In this blog post, we’ll delve into the details of CVE-2021-35587, its impact, the latest patch, and how to detect affected devices using InvGate Insight. Let’s start!

About CVE-2021-35587

CVE-2021-35587 is a security vulnerability in Oracle Fusion Middleware, published in January 2022. Specifically, it is a vulnerability in the OpenSSO Agent component of the Oracle Access Manager product, which corporations widely use for single sign-on (SSO) as part of the Oracle Fusion Middleware suite.

CVE-2021-35587 is an easily exploitable vulnerability that allows unauthenticated (pre-auth) attackers with network access via HTTP to compromise Oracle Access Manager and take full control of the system through Remote Code Execution (RCE).

The risk of not patching CVE-2021-35587 is high, as it can result in the compromise of sensitive information and the takeover of affected systems. Attackers can use the vulnerability to gain unauthorized access to corporate networks, steal sensitive data, or deploy malware on the affected systems. Exploiting this vulnerability can lead to a complete loss of confidentiality, integrity, and availability of the affected system and its data.

The vulnerability affected versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0 of Oracle Access Manager and has been patched in those supported versions. It is recommended to update to the latest version of the software as soon as possible.

How to find devices exposed to CVE-2021-35587

InvGate Insight makes it quick to detect the devices affected by CVE-2021-35587. Here are the steps to follow:

  1. Open InvGate Insight and go to the Explorer tab.
  2. In the Search bar, type “Software name, is:Oracle Access Manager” to filter all the devices that have this software installed.
  3. Add another filter to the Search bar to see all devices missing the security patch. To do that, add the following filter: “Reported version, is not:” and paste Oracle’s patched version (you’ll find the security update on Oracle’s webpage).
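
The two filters above, as an added example in Python that is not InvGate's or Oracle's code: it applies the same logic (software name is Oracle Access Manager, reported version is not the patched build) to a constructed inventory export, but compares versions numerically so a later build is not flagged, and treats an unparsable version as unknown rather than safe. The patched build number and the hostnames are placeholders; take the real patched build from Oracle's page.

```python
"""Flag inventory records exposed to CVE-2021-35587 (added example, not InvGate code).
Mirrors the two Insight filters from the post (software name is Oracle Access Manager,
reported version is not the patched build) but compares versions numerically, so that
a later build such as 12.2.1.10.0 is not mistaken for one lower than 12.2.1.4.0."""
from typing import Optional

# Placeholder only: replace with the patched build published on Oracle's page.
PATCHED_VERSION_PLACEHOLDER = "12.2.1.4.9"


def parse_version(text: str) -> Optional[tuple]:
    """'12.2.1.4.0' -> (12, 2, 1, 4, 0); None if not a dotted integer version."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(record: dict, patched: str = PATCHED_VERSION_PLACEHOLDER) -> str:
    """Return 'exposed', 'patched', 'unknown' or 'not-applicable' for one record."""
    if record.get("software", "").strip().lower() != "oracle access manager":
        return "not-applicable"
    reported, target = parse_version(record.get("version", "")), parse_version(patched)
    if reported is None or target is None:
        return "unknown"  # malformed version string: review by hand, do not assume safe
    width = max(len(reported), len(target))  # pad so 12.2.1.4 == 12.2.1.4.0
    reported += (0,) * (width - len(reported))
    target += (0,) * (width - len(target))
    return "exposed" if reported < target else "patched"


def find_exposed(inventory: list) -> list:
    """Hostnames whose record is classified 'exposed'."""
    return [r["host"] for r in inventory if classify(r) == "exposed"]


# Constructed sample inventory (hostnames and versions are made up for the demo).
SAMPLE_INVENTORY = [
    {"host": "oam-prod-01", "software": "Oracle Access Manager", "version": "12.2.1.4.0"},
    {"host": "oam-prod-02", "software": "Oracle Access Manager", "version": "12.2.1.4.9"},
    {"host": "oam-legacy", "software": "Oracle Access Manager", "version": "11.1.2.3.0"},
    {"host": "oam-test", "software": "oracle access manager", "version": "12.2.1.10.0"},
    {"host": "oam-odd", "software": "Oracle Access Manager", "version": "12.2.1.4.0-beta"},
    {"host": "db-01", "software": "Oracle Database", "version": "19.3.0.0.0"},
]

if __name__ == "__main__":
    print(find_exposed(SAMPLE_INVENTORY))
```

Records classified as unknown (malformed or missing version) should be reviewed by hand rather than dropped from the patch list.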

Use InvGate Insight to find devices exposed to CVE-2021-35587

The bottom line

The CVE-2021-35587 vulnerability in Oracle Access Manager is a security threat that can result in the compromise of sensitive information and the takeover of affected systems. It can be easily exploited by attackers to gain unauthorized access to corporate networks, steal data, or deploy malware. The vulnerability has been patched in supported versions, and users are strongly recommended to update their software to the latest version as soon as possible to avoid these risks.

To simplify Patch Management and detect devices impacted by CVE-2021-35587, users can use InvGate Insight, which quickly detects and identifies affected devices so that immediate action can be taken to secure them.

To experience the capabilities of InvGate Insight, request a 30-day free trial. Protect your systems from CVE-2021-35587 and other vulnerabilities with InvGate Insight today!
