CVE-2025-61757

Published Oct 21, 2025

Last updated 2 months ago

Exploit known
CVSS critical 9.8
Oracle Identity Manager

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-61757 is a vulnerability in the Identity Manager product of Oracle Fusion Middleware, specifically affecting versions 12.2.1.4.0 and 14.1.2.1.0. The affected component is REST WebServices. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Identity Manager. Successful attacks can result in a takeover of the Identity Manager. The vulnerability is classified under CWE-306, which indicates missing or insufficient authentication controls.

Description
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Source
secalert_us@oracle.com
NVD status
Analyzed
Products
identity_manager

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability
Exploit added on
Nov 21, 2025
Exploit action due
Dec 12, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-306

Social media

Hype score
Not currently trending
  1. 🛡️ We added Oracle Fusion Middleware missing authentication for critical function vulnerability CVE-2025-61757 to our Known Exploited Vulnerabilities Catalog& apply mitigations to protect your org from cyberattacks. #Cybersecurity #infosec https://t.co/U9LX1bg4KU

    @expertshelp_

    6 Jan 2026

    20 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-61757 is an eviction notice. 📉 Pre-auth RCE turns your perimeter into a ghost. Attackers don't "break in"—they become the admin of your entire identity fabric. Stop patching legacy debt. Go passwordless. 🛡️ https://t.co/Dbfbsx7BK3 #InfoSec #ZeroTrust #Cyber

    @SOFTwarfare

    22 Dec 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CISA alert: critical vulnerability in Oracle Identity Manager. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability CVE-2025-61757. https://t.co/MEu4p7aJSt

    @CSIRTCAN

    19 Dec 2025

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    2 Replies

    0 Quotes

  4. CVE-2025-61757 - Oracle Fusion Middleware vulnerability https://t.co/dOU4W7KZwr https://t.co/hDP8lSPImb

    @jamesboykin11

    15 Dec 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Oracle Identity Manager Pre-Auth RCE (CVE-2025-61757) A critical pre-authentication RCE flaw in Oracle Identity Manager allows attackers to execute code without logging in exploited in the wild and added to CISA’s Known Exploited Vulnerabilities catalog. Severity: CVSS 9.8

    @ZBounty18591

    12 Dec 2025

    31 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  6. CVE-2025-61757 - Oracle Fusion Middleware vulnerability https://t.co/6nUjw70jJr https://t.co/FUc9FNyteP

    @SirajD_Official

    10 Dec 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-61757 - Oracle Fusion Middleware vulnerability https://t.co/fwVwat9nx6 https://t.co/HdzOJeSxzk

    @PhotoZel

    8 Dec 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-61757 - Oracle Fusion Middleware vulnerability https://t.co/ZoJvRF9dZ0 https://t.co/PSh7wzz2oD

    @CloudVirtues

    7 Dec 2025

    51 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-61757 - Oracle Fusion Middleware vulnerability https://t.co/MU1ZGn3Fjh https://t.co/E7MxiBRThw

    @scandaletti

    6 Dec 2025

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🔴 CVE-2025-61757 - Oracle Identity Manager Pre-Auth RCE CVE-2025-61757 in Oracle Identity Manager's REST WebServices component is a critical pre-authentication RCE that allows unauthenticated attackers to fully compromise identity infrastructure. What's brutal: this affects

    @the_c_protocol

    5 Dec 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 18 new OPEN, 41 new PRO (18 + 23) Cacti (CVE-2025-66399), D-Link (CVE-2025-9769), FLIR (CVE-2025-5127), Oracle (CVE-2025-61757), TA451, TA453, Tenda (CVE-2025-9813), Western Digital (CVE-2016-10108, CVE-2016-10107), Zyxel (CVE-2025-8078) and more https://t.co/QpfhWo6NvF https://

    @ET_Labs

    2 Dec 2025

    336 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🔴 CVE-2025-61757 - Oracle Identity Manager Auth Bypass Enables RCE Critical auth bypass in Oracle Identity Manager lets unauthenticated attackers achieve RCE on enterprise identity infrastructure. What's brutal: OIM manages privileged access across the entire

    @the_c_protocol

    2 Dec 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨 Oracle Identity Manager Security Advisory [—] Dec 02, 2025 Comprehensive analysis of CVE-2025-61757 and its impact on Oracle Identity Manager. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #Innovation https://t.co/rm4pVKJQYO

    @transilienceai

    2 Dec 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution https://t.co/Lm0ZjfHJij https://t.co/UQaZMBOhO4

    @RigneySec

    1 Dec 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CVE-2025-61757, an authentication-bypass flaw in Oracle Identity Manager, is now in CISA’s KEV with evidence of active exploitation. If you rely on Oracle IdM, this is a “patch now” event. Coverage: https://t.co/MnDgp2gq35

    @InfosecDotWatch

    1 Dec 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. 🚨 Oracle Identity Manager admins: Zero-day alert! CVE-2025-61757 (missing auth) enables pre-auth RCE—actively exploited per CISA KEV. Quick fix: Patch per Oracle's October 2025 Critical Patch Update. Restrict API access. Don't let IAM become the weak link. Secure it NOW!

    @AsensoDerrick3

    30 Nov 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. 🚨 Oracle Identity Manager [—] Nov 28, 2025 Product Security Advisory Report on CVE-2025-61757 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #Innovation #LLM https://t.co/N3wraeokJv

    @transilienceai

    28 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. #Barracuda recommends the following actions to secure Oracle Identity Manager against CVE-2025-61757. Check out the #CybersecurityThreatAdvisory to keep your clients protected: https://t.co/JfT7uYQToO

    @SmarterMSP

    27 Nov 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. HackerNotes TLDR for episode 150! — https://t.co/Vg5nxRAnes ►⠀Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757): Global SecurityFilter rules in web.xml using a .wadl regex on getRequestURI() could be bypassed with matrix params like ;.wadl, exposing

    @ctbbpodcast

    27 Nov 2025

    1681 Impressions

    1 Retweet

    23 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  20. 🚨 Oracle Identity Collapse A pre-auth RCE (CVE-2025-61757) lets attackers take over Oracle Identity Manager with NO LOGIN needed. Full kill chain in today’s System Fracture episode. 👉 Watch now: https://t.co/5uf3XsMhTn #cybersecurity #infosec #zeroday https://t.co/zx05

    @PBSech

    26 Nov 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. https://t.co/0hwIrBxvkQ Critical 9.8 vulnerability in Oracle Identity Manager The American CISA has officially warned of a critical vulnerability in Oracle Identity Manager version 9.8, identified as CVE-2025-61757, which is currently being exploited. This vulnerability allow

    @B2bCyber

    26 Nov 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. Oracle Identity Flaw CVE-2025-61757 Actively Exploited: The U.S. Cybersecurity and Infrastructure Security Agency issued an urgent warning, Read more - https://t.co/8kHCAh1v1H #OracleIdentity #CVE202561757 #IdentityAndAccessManagement #VulnerabilityManagement #CyberSecurity htt

    @GRCTechInsight

    26 Nov 2025

    44 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  23. A critical flaw in Oracle's Identity Manager has been exploited in the wild, marking the latest threat for customers of the enterprise software giant. CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware. htt

    @Guardian360nl

    25 Nov 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  24. Oracle users, beware! A critical flaw (CVE-2025-61757) is being exploited widely. Don't let your company become the next victim. Patch now and protect your identity management system! #oracle #cybersecurity #infosec https://t.co/cq8NC8iZwO

    @Synapze_

    25 Nov 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Actively exploited CVE : CVE-2025-61757

    @transilienceai

    25 Nov 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  26. Reports indicate that a critical flaw in Oracle Identity Manager, CVE-2025-61757, is being exploited following a breach of Oracle Cloud and an extortion campaign aimed at Oracle E-Business Suite customers. #CyberSecurity #Oracle https://t.co/a7dBJ0KRhc

    @Cyber_O51NT

    25 Nov 2025

    472 Impressions

    0 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. CISA adds Oracle Identity Manager vulnerability "CVE-2025-61757" to KEV https://t.co/fbuMWgL7N1 #セキュリティ対策Lab #セキュリティ #Security

    @securityLab_jp

    25 Nov 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CISA warns of critical flaw in Oracle Identity Manager: Vulnerability CVE-2025-61757 allows remote code execution without authentication and was possibly exploited as a zero-day; U.S. public agencies have until 12/12 to apply the fix. https://t.co/8oTUWQy62K

    @caveiratech

    25 Nov 2025

    52 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  29. 🚨 Critical Release Analysis: #Oracle Identity Manager Faces Active Exploitation of #CVE-2025-61757 https://t.co/End8oYivDE

    @UndercodeNews

    24 Nov 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. 🚨 In case you missed it, CVE-2025-61757 was added to the CISA KEV on Friday, with likely exploitation as a 0-day as early as August. The pre-authentication vulnerability affects Oracle Identity Manager’s REST WebServices component. Successful exploitation enables an attacke

    @Horizon3ai

    24 Nov 2025

    117 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  31. CISA adds Oracle Identity Manager vulnerability (CVE-2025-61757) to KEV database after active exploitation enables remote code execution. Over 100 firms hit by CL0P ransomware targeting Oracle EBS, including Mazda and Cox. #OracleSecurity #Ransomware https://t.co/064V5OIT4Z

    @TweetThreatNews

    24 Nov 2025

    96 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  32. nu11secur1ty: CVE-2025-61757-Oracle-wl_server-12.2.1.4.0-RCE https://t.co/ncftVXcP32

    @nu11secur1ty1

    24 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. Oracle Identity Manager CVE-2025-61757 is now in CISA's KEV list, confirming active exploitation-apply Oracle's patch immediately. https://t.co/vCNYeNfV5y #infosec #CVE2025-61757 #Oracle

    @_UncleHacker_

    24 Nov 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. CISA has added the Oracle Identity Manager vulnerability CVE-2025-61757, which allows arbitrary code execution, to its KEV catalog. https://t.co/PzObhPbMpg

    @cert_ist

    24 Nov 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🚨 ALERT: Critical vulnerability in Oracle Identity Manager (CVE-2025-61757) 👉 https://t.co/WaE94VIznQ #DNSC #CyberSecurity #Vulnerability #CVE #CyberAlert https://t.co/fowsy8GaNQ

    @DNSC_RO

    24 Nov 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. CISA has listed in KEV CVE-2025-61757, a vulnerability in Identity Manager, part of Oracle Fusion Middleware, that allows an unauthenticated remote attacker with access via HTTP to execute arbitrary code. https://t.co/NznhJl7luc

    @ntsuji

    24 Nov 2025

    2113 Impressions

    1 Retweet

    7 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  37. CISA has added CVE-2025-61757, a critical vulnerability in Oracle Identity Manager, to its Known Exploited Vulnerabilities catalog due to active exploitation. This flaw, with a CVSS score of 9. https://t.co/FIIp9NGJum

    @securityRSS

    24 Nov 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. 🚨 We are drawing attention to an older vulnerability in Oracle Identity Manager (part of Oracle Fusion Middleware), CVE-2025-61757. CISA has published information that the vulnerability is being actively exploited in real attacks. This flaw allows unauthenticated remote execution

    @GOVCERT_CZ

    24 Nov 2025

    355 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. 🚨 CISA warns government agencies to patch Oracle Identity Manager CVE-2025-61757 to prevent exploitation! #Cybersecurity #ZeroDay ⚠️ Link: https://t.co/9CENvBUx7B

    @JamaalChalid

    24 Nov 2025

    78 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  40. 🛡️ We added Oracle Fusion Middleware missing authentication for critical function vulnerability CVE-2025-61757 to our Known Exploited Vulnerabilities Catalog& apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/ACCX3sumYV

    @GlobalSecHQ

    23 Nov 2025

    5 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  41. 🚨 Urgent WAF update! 🚨 We've added critical protection against CVE-2025-61757, a serious Oracle Identity Manager vulnerability. Blocking unauthenticated attacks & safeguarding your systems. Stay secure! 🛡️ https://t.co/1aly5KnkQ5

    @mveracf

    23 Nov 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨 Critical WAF update! We've added protection against CVE-2025-61757, a serious Oracle Identity Manager vulnerability. Blocks unauthenticated access & prevents full system compromise. Stay secure! 🛡️ https://t.co/3fj70Kxbys

    @CFchangelog

    23 Nov 2025

    387 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. 🚨 Critical security flaw in Oracle Identity Manager CVE-2025-61757 (CVSS 9.8) actively exploited by CISA! Missing authentication can lead to pre-authenticated access. #Cybersecurity #Vulnerabilities #CISA https://t.co/2RcFWC2EvO

    @JamaalChalid

    23 Nov 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. CISA warns of active exploitation of critical Oracle Identity Manager vulnerability (CVE-2025-61757). Agencies must patch by Dec 12, 2025. Link: https://t.co/arvljdJoHx #Security #Patch #Exploit #Oracle #CISA #Alert #Risk #Safety #Software #Threat #Update #Defense #Network https:

    @dailytechonx

    23 Nov 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. Oracle Identity Manager remote code execution vulnerability CVE-2025-61757 https://t.co/PokASxcYV4

    @tdatwja

    23 Nov 2025

    278 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. 🚨 𝐍𝐞𝐰 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐩𝐮𝐛𝐥𝐢𝐬𝐡𝐞𝐝! CISA warns of active attacks exploiting CVE-2025-61757 in Oracle Identity Manager. Learn how to detect, patch, and prevent this critical z

    @PurpleOps_io

    23 Nov 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. 📢 𝐇𝐨𝐭 𝐨𝐧 𝐭𝐡𝐞 𝐛𝐥𝐨𝐠 𝐭𝐨𝐝𝐚𝐲: Oracle users face a dangerous zero-day exploit. Learn how CVE-2025-61757 lets attackers bypass auth and escalate privileges fast. Read it here → https://t.co/qAuORvZoiE Let us know your thoughts!

    @PurpleOps_io

    23 Nov 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. CISA Warns of Actively Exploited Oracle Identity Manager Flaw (CVE-2025-61757): Pre-Auth RCE UNDER ACTIVE ATTACK Read the full report on - https://t.co/OwDoMLC9wK https://t.co/ab2Am4uIo4

    @cyberbivash

    23 Nov 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

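  49. [Vulnerability exploitation warning] The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that CVE-2025-61757, a serious vulnerability in Oracle Identity Manager, is being exploited in real attacks. This vulnerability, zero-da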

    @nakajimeeee

    23 Nov 2025

    512 Impressions

    1 Retweet

    6 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  50. Threat actors are actively exploiting a critical authentication bypass vulnerability (CVE-2025-61757) in Oracle Identity Manager, enabling pre-authenticated remote code execution. This allows attackers to manipulate authentication flows and move laterally across

    @cybernewslive

    22 Nov 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations