Intrusion Prevention

Oracle.Identity.Manager.REST.WebServices.OS.Command.Injection

Description

This indicates an attack attempt to exploit a Command Injection vulnerability in Oracle Identity Manager.
The vulnerability is due to insufficient validation of user-supplied inputs. A remote attacker could exploit this vulnerability by sending a crafted request to the target device. Successful exploitation could lead to remote code execution.

Affected Products

Oracle Identity Manager version 12.2.1.4.0
Oracle Identity Manager version 14.1.2.1.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.oracle.com/security-alerts/cpuoct2025.html

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2026-03-02	35.176	Modified	Sig Added
2025-12-24	35.140	Modified	Default_action:pass:drop
2025-12-03	35.126	New

ID	59509
Created	Nov 26, 2025
Updated	Mar 02, 2026
CVE ID
Tags	Threat Signal
Risk
Known Exploited	Yes
Exploit Prediction Score	84.21%
Default Action	drop
Active
Affected OS	Windows, Linux
Affected App	Oracle
Profile Type	OS Command Injection

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Oracle.Identity.Manager.REST.WebServices.OS.Command.Injection

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Oracle.Identity.Manager.REST.WebServices.OS.Command.Injection

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center