Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202603-00000019
[Content Description]
Oracle recently released a critical cybersecurity advisory (CVE-2026-21992, CVSS: 9.8) for Identity Manager (component: REST WebServices) and Web Services Manager (component: Web Services Security). This vulnerability allows unauthenticated remote attackers to execute remote code.
[Affected Platforms]
Oracle Identity Manager version 12.2.1.4.0
Oracle Identity Manager version 14.1.2.1.0
Oracle Web Services Manager version 12.2.1.4.0
Oracle Web Services Manager version 14.1.2.1.0
[Recommended Actions]
Patch the issue according to the solutions released on the official website: https://www.oracle.com/security-alerts/alert-cve-2026-21992.html
[References]
1. https://www.twcert.org.tw/tw/cp-169-10796-f9ea4-1.html
[Security Vulnerability Alert] Oracle Identity Manager and Oracle Web Services Manager contain a critical cybersecurity vulnerability (CVE-2026-21992)
Type:行政公告
Pubish Date:2026/03/26 至 2026/09/26
Visitors:348
返回列表
