Critical Oracle Identity Manager Flaw: Unauthenticated Data Compromise
The National Vulnerability Database has disclosed CVE-2026-34287, a critical vulnerability in the Oracle Identity Manager Connector product, specifically affecting version 12.2.1.4.0 of Oracle Fusion Middleware. This flaw is easily exploitable via HTTPS by unauthenticated attackers with network access.
Successful exploitation grants attackers extensive unauthorized access to critical data. This includes the ability to create, delete, or modify any data accessible by Oracle Identity Manager Connector, as well as complete access to sensitive information. The National Vulnerability Database assigned a CVSS 3.1 Base Score of 9.1, citing high impacts on both confidentiality and integrity.
This isn’t just a data leak risk; it’s a full compromise of identity management. Attackers can manipulate user identities, permissions, and access controls, effectively taking over core business processes. The lack of authentication required makes this particularly dangerous, exposing a wide attack surface for any internet-facing instance.
What This Means For You
- If your organization uses Oracle Identity Manager Connector version 12.2.1.4.0, you are directly exposed to unauthenticated, remote data compromise. Prioritize patching this vulnerability immediately. Audit your Identity Manager logs for any anomalous activity, especially unauthorized account creation or permission changes, as this is a prime target for initial access and privilege escalation.
Related ATT&CK Techniques
🛡️ Detection Rules
4 rules · 6 SIEM formats4 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
Web Application Exploitation Attempt — CVE-2026-34287
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-34287 | Auth Bypass | Oracle Identity Manager Connector product, version 12.2.1.4.0 |
| CVE-2026-34287 | Information Disclosure | Oracle Identity Manager Connector product, version 12.2.1.4.0 |
| CVE-2026-34287 | Data Manipulation | Oracle Identity Manager Connector product, version 12.2.1.4.0 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 22, 2026 at 00:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related Posts
HKUDS OpenHarness Default Config Exposes Systems (CVE-2026-6823)
CVE-2026-6823 — HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote...
Critical AVideo XSS Vulnerability Exposes Admin Settings
CVE-2026-40925 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, `objects/configurationUpdate.json.php` (also routed via `/updateConfig`) persists dozens of global site...
Critical RCE in AVideo YPTSocket Plugin: Unauthenticated Account Takeover
CVE-2026-40911 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies...