Oracle Access Manager Information Disclosure (October 2015 CPU)
Medium Nessus Plugin ID 86478
SynopsisThe remote host has a Single Sign On (SSO) application installed that is affected by an information disclosure vulnerability.
DescriptionThe version of Oracle Access Manager installed on the remote host is affected by an information disclosure vulnerability due to an unspecified flaw in the SSO Engine subcomponent. An unauthenticated, remote attacker can exploit this to disclose sensitive information.
SolutionApply the appropriate patches according to the October 2015 Oracle Critical Patch Update advisory.