Oracle Access Manager Multiple Vulnerabilities (January 2015 CPU)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote host has a Single Sign On (SSO) application installed that
is affected by multiple vulnerabilities.

Description :

The version of Oracle Access Manager installed on the remote host is
affected by multiple unspecified vulnerabilities that allow remote
attackers to impact integrity and confidentiality.

Note that this plugin does not check for additional configuration
required to completely mitigate CVE-2015-0367.

See also :

http://www.nessus.org/u?c02f1515

Solution :

Apply the appropriate patches according to the January 2015 Oracle
Critical Patch Update advisory.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 81004 ()

Bugtraq ID: 72179
72226

CVE ID: CVE-2015-0367
CVE-2015-0434

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now