Oracle Identity Manager End User Self Service (January 2014 CPU)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host has an identity management application installed that
is affected by multiple, unspecified vulnerabilities.

Description :

The remote host is missing the January 2014 Critical Patch Update for
Oracle Identity Manager. It is, therefore, potentially affected by
multiple, unspecified vulnerabilities in the End User Self Service
sub-component of Oracle Identity Manager.

See also :

http://www.nessus.org/u?17c46362

Solution :

Apply the appropriate patch according to the January 2014 Critical
Patch Update advisory.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 72259 ()

Bugtraq ID: 64829
64838

CVE ID: CVE-2013-5900
CVE-2014-0391