The US CISA warned organizations that a critical Oracle Fusion Middleware vulnerability patched in early 2022 is being exploited in attacks.
The vulnerability tracked as CVE-2021-35587 impacts Oracle Access Manager, which provides the Oracle Fusion Middleware single sign-on solution.
The flaw impacts the OpenSSO Agent component, which can allow an unauthenticated attacker with network access via HTTP to take control of Oracle Access Manager. Oracle patched this vulnerability during January 2022.
The researchers detailed their findings in March and noted that the flaw was discovered during the analysis of what they called a ‘mega’ Fusion Middleware vulnerability that Oracle took six months to patch.
PoC exploits have also been available for several months, and malicious actors have attempted to exploit CVE-2021-35587. Exploitation activity started to pick up in September and peaked over the following two months.
CISA has added CVE-2021-35587 to its Known Exploited Vulnerabilities Catalog and instructed federal agencies to address it by December 19.