S4E

CVE-2025-61757 Scanner

CVE-2025-61757 Scanner - Authorization Bypass vulnerability in Oracle Identity Manager

Short Info

Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 10 days 21 hours
Scan only one: Domain, Subdomain, IPv4


Oracle Identity Manager is a software application used by enterprises to manage and govern identities across various systems. It is typically deployed in corporate environments to ensure that the right individuals have access to appropriate resources. The software is utilized by IT departments to streamline user provisioning and compliance reporting processes. By managing user lifecycles from onboarding to offboarding, it helps in reducing identity management costs. Oracle Identity Manager is valued for its automation capabilities and regulatory compliance facilitation. It plays a crucial role in maintaining enterprise security and efficiency.

The authorization bypass vulnerability detected in Oracle Identity Manager allows unauthorized individuals to gain access to the system without proper authentication. It can be exploited by an attacker with network access to the affected instance, enabling unauthorized administrative actions. The vulnerability jeopardizes the integrity, confidentiality, and availability of the affected systems. It is rated critical because an attacker could manipulate or retrieve data without valid authorization, and successful exploitation could lead to complete system takeover by unauthorized users. Addressing this vulnerability is essential to maintaining system security.

This vulnerability in Oracle Identity Manager exists in the REST WebServices component, which fails to properly enforce authentication checks. An attacker can exploit the flaw by sending specially crafted HTTP requests to the vulnerable endpoint. The affected endpoint does not require a valid authentication token, so unauthenticated users can invoke actions that should be restricted to authenticated users. This can result in unauthorized script execution, which is evidenced by the success message "Script Compilation Successful" in the response. The vulnerability primarily affects the RESTful API handling and undermines the software's security model.

If exploited, this vulnerability can lead to several severe issues. Unauthorized access can result in data breaches in which sensitive information is accessed or exposed. Systems can lose integrity if attackers manipulate data or system settings. Additionally, the availability of the applications managed by Oracle Identity Manager could be compromised, leading to service disruptions or downtime. This can cause significant financial impact and harm an organization's reputation. Increased security risk and potential regulatory fines are further consequences of exploitation.
