Remote unauthenticated attack bug gets perfect CVSS score
Oracle is urging users of its enterprise identity management system to apply an emergency update to stomp a bug that allows attackers take over the system. The bug has been given a CVSS score of 10.0 – or critical – and could allow a remote, unauthorised hacker access to systems. Oracle said the vuln "can result in complete compromise of Oracle Identity Manager via an unauthenticated network attack". Oracle described the flaw as "easily exploitable". It allows "unauthenticated attacker with ...