PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-35267 Oracle Corporation CVE debrief

A high-severity vulnerability was found in Oracle Fusion Middleware's Identity Manager product, specifically in the REST WebServices component. The vulnerability is easily exploitable by a low-privileged attacker with network access via HTTP, potentially leading to a takeover of Identity Manager. This vulnerability, CVE-2026-35267, has a CVSS 3.1 Base Score of 8.8, indicating high confidentiality, integrity, and availability impacts. The affected versions are 12.2.1.4.0 and 14.1.2.1.0. An attacker with low privileges and network access via HTTP can easily exploit this vulnerability. To mitigate, apply the patch provided by Oracle Corporation as soon as possible, review and update access controls, monitor Identity Manager systems for suspicious activity, and consider implementing additional security measures such as Web Application Firewalls (WAFs).

Vendor
Oracle Corporation
Product
Identity Manager
CVSS
HIGH 8.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-18
Advisory published
2026-06-17
Advisory updated
2026-06-18

Who should care

System administrators and security teams responsible for Oracle Fusion Middleware and Identity Manager should prioritize patching this vulnerability to prevent potential takeovers.

Technical summary

The vulnerability, CVE-2026-35267, is in the Identity Manager product of Oracle Fusion Middleware, specifically in the REST WebServices component. Supported versions affected are 12.2.1.4.0 and 14.1.2.1.0. The vulnerability has a CVSS 3.1 Base Score of 8.8, indicating high confidentiality, integrity, and availability impacts. An attacker with low privileges and network access via HTTP can easily exploit this vulnerability, potentially leading to a complete takeover of Identity Manager.

Defensive priority

High priority should be given to patching this vulnerability due to its high CVSS score and the potential for a low-privileged attacker to exploit it, leading to a significant impact on confidentiality, integrity, and availability.

Recommended defensive actions

  • Apply the patch provided by Oracle Corporation as soon as possible.
  • Review and update access controls to ensure that only necessary personnel have access to Identity Manager.
  • Monitor Identity Manager systems for any suspicious activity.
  • Consider implementing additional security measures such as Web Application Firewalls (WAFs) to detect and prevent exploitation attempts.
  • Perform a thorough review of Identity Manager configurations to ensure they align with security best practices.
  • Implement additional logging and monitoring to detect potential exploitation attempts.
  • Conduct regular security audits to identify and address any potential vulnerabilities.

Evidence notes

The CVE record was published on 2026-06-17T10:40:18.920Z and was last modified on 2026-06-18T04:16:45.940Z. The NVD entry is currently Analyzed. Oracle Corporation has provided a vendor advisory for this vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:40:18.920Z and has not been modified since then. The NVD entry is currently Analyzed.