CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Mondayaddeda critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked asCVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. <!-