{"uuid": "14793d32-8c57-4324-8dbe-2f71899b5624", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35587", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/113", "content": "Oracle Access Manager Pre-Auth RCE (CVE-2021\u201335587 Analysis)\n\n\ud83d\udc64 by Jang and Peter\n\nVulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability may give the attacker access to OAM server, to create any user with any privileges, or just get code execution in the victim\u2019s server\n\nhttps://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316", "creation_timestamp": "2022-03-10T13:25:43.000000Z"}