CVE-2025-61757

Published Oct 21, 2025

Last updated 11 days ago

Exploit known
CVSS critical 9.8
Oracle Identity Manager

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-61757 is a vulnerability in the Identity Manager product of Oracle Fusion Middleware, specifically affecting versions 12.2.1.4.0 and 14.1.2.1.0. The affected component is REST WebServices. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Identity Manager. Successful attacks can result in a takeover of the Identity Manager. The vulnerability is classified under CWE-306, which indicates missing or insufficient authentication controls.

Description
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Source
secalert_us@oracle.com
NVD status
Analyzed
Products
identity_manager

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability
Exploit added on
Nov 21, 2025
Exploit action due
Dec 12, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-306

Social media

Hype score
Not currently trending
  1. 18 new OPEN, 41 new PRO (18 + 23) Cacti (CVE-2025-66399), D-Link (CVE-2025-9769), FLIR (CVE-2025-5127), Oracle (CVE-2025-61757), TA451, TA453, Tenda (CVE-2025-9813), Western Digital (CVE-2016-10108, CVE-2016-10107), Zyxel (CVE-2025-8078) and more https://t.co/QpfhWo6NvF https://

    @ET_Labs

    2 Dec 2025

    336 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🔴 CVE-2025-61757 - Oracle Identity Manager Auth Bypass Enables RCE Critical auth bypass in Oracle Identity Manager lets unauthenticated attackers achieve RCE on enterprise identity infrastructure. What's brutal: OIM manages privileged access across the entire

    @the_c_protocol

    2 Dec 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 Oracle Identity Manager Security Advisory [—] Dec 02, 2025 Comprehensive analysis of CVE-2025-61757 and its impact on Oracle Identity Manager. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #Innovation https://t.co/rm4pVKJQYO

    @transilienceai

    2 Dec 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution https://t.co/Lm0ZjfHJij https://t.co/UQaZMBOhO4

    @RigneySec

    1 Dec 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-61757, an authentication-bypass flaw in Oracle Identity Manager, is now in CISA’s KEV with evidence of active exploitation. If you rely on Oracle IdM, this is a “patch now” event. Coverage: https://t.co/MnDgp2gq35

    @InfosecDotWatch

    1 Dec 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 Oracle Identity Manager admins: Zero-day alert! CVE-2025-61757 (missing auth) enables pre-auth RCE—actively exploited per CISA KEV. Quick fix: Patch per Oracle's October 2025 Critical Patch Update. Restrict API access. Don't let IAM become the weak link. Secure it NOW!

    @AsensoDerrick3

    30 Nov 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 Oracle Identity Manager [—] Nov 28, 2025 Product Security Advisory Report on CVE-2025-61757 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #Innovation #LLM https://t.co/N3wraeokJv

    @transilienceai

    28 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. #Barracuda recommends the following actions to secure Oracle Identity Manager against CVE-2025-61757. Check out the #CybersecurityThreatAdvisory to keep your clients protected: https://t.co/JfT7uYQToO

    @SmarterMSP

    27 Nov 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. HackerNotes TLDR for episode 150! — https://t.co/Vg5nxRAnes ►⠀Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757): Global SecurityFilter rules in web.xml using a .wadl regex on getRequestURI() could be bypassed with matrix params like ;.wadl, exposing

    @ctbbpodcast

    27 Nov 2025

    1681 Impressions

    1 Retweet

    23 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 Oracle Identity Collapse A pre-auth RCE (CVE-2025-61757) lets attackers take over Oracle Identity Manager with NO LOGIN needed. Full kill chain in today’s System Fracture episode. 👉 Watch now: https://t.co/5uf3XsMhTn #cybersecurity #infosec #zeroday https://t.co/zx05

    @PBSech

    26 Nov 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. https://t.co/0hwIrBxvkQ Critical 9.8 vulnerability in Oracle Identity Manager The American CISA has officially warned of a critical vulnerability in Oracle Identity Manager version 9.8, identified as CVE-2025-61757, which is currently being exploited. This vulnerability allow

    @B2bCyber

    26 Nov 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Oracle Identity Flaw CVE-2025-61757 Actively Exploited: The U.S. Cybersecurity and Infrastructure Security Agency issued an urgent warning, Read more - https://t.co/8kHCAh1v1H #OracleIdentity #CVE202561757 #IdentityAndAccessManagement #VulnerabilityManagement #CyberSecurity htt

    @GRCTechInsight

    26 Nov 2025

    44 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. A critical flaw in Oracle's Identity Manager has been exploited in the wild, marking the latest threat for customers of the enterprise software giant. CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware. htt

    @Guardian360nl

    25 Nov 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  14. Oracle users, beware! A critical flaw (CVE-2025-61757) is being exploited widely. Don't let your company become the next victim. Patch now and protect your identity management system! #oracle #cybersecurity #infosec https://t.co/cq8NC8iZwO

    @Synapze_

    25 Nov 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Actively exploited CVE : CVE-2025-61757

    @transilienceai

    25 Nov 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  16. Reports indicate that a critical flaw in Oracle Identity Manager, CVE-2025-61757, is being exploited following a breach of Oracle Cloud and an extortion campaign aimed at Oracle E-Business Suite customers. #CyberSecurity #Oracle https://t.co/a7dBJ0KRhc

    @Cyber_O51NT

    25 Nov 2025

    472 Impressions

    0 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CISA adds Oracle Identity Manager vulnerability "CVE-2025-61757" to KEV https://t.co/fbuMWgL7N1 #セキュリティ対策Lab #セキュリティ #Security

    @securityLab_jp

    25 Nov 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. CISA warns of critical flaw in Oracle Identity Manager: Vulnerability CVE-2025-61757 allows unauthenticated remote code execution and was possibly exploited as a zero-day; U.S. public agencies have until 12/12 to apply the fix. https://t.co/8oTUWQy62K

    @caveiratech

    25 Nov 2025

    52 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. 🚨 Critical Release Analysis: #Oracle Identity Manager Faces Active Exploitation of #CVE-2025-61757 https://t.co/End8oYivDE

    @UndercodeNews

    24 Nov 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. 🚨 In case you missed it, CVE-2025-61757 was added to the CISA KEV on Friday, with likely exploitation as a 0-day as early as August. The pre-authentication vulnerability affects Oracle Identity Manager’s REST WebServices component. Successful exploitation enables an attacke

    @Horizon3ai

    24 Nov 2025

    117 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. CISA adds Oracle Identity Manager vulnerability (CVE-2025-61757) to KEV database after active exploitation enables remote code execution. Over 100 firms hit by CL0P ransomware targeting Oracle EBS, including Mazda and Cox. #OracleSecurity #Ransomware https://t.co/064V5OIT4Z

    @TweetThreatNews

    24 Nov 2025

    96 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  22. nu11secur1ty: CVE-2025-61757-Oracle-wl_server-12.2.1.4.0-RCE https://t.co/ncftVXcP32

    @nu11secur1ty1

    24 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Oracle Identity Manager CVE-2025-61757 is now in CISA's KEV list, confirming active exploitation-apply Oracle's patch immediately. https://t.co/vCNYeNfV5y #infosec #CVE2025-61757 #Oracle

    @_UncleHacker_

    24 Nov 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. CISA has added the Oracle Identity Manager vulnerability CVE-2025-61757, which allows arbitrary code execution, to its KEV catalog. https://t.co/PzObhPbMpg

    @cert_ist

    24 Nov 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 🚨 ALERT: Critical vulnerability in Oracle Identity Manager (CVE-2025-61757) 👉 https://t.co/WaE94VIznQ #DNSC #CyberSecurity #Vulnerability #CVE #CyberAlert https://t.co/fowsy8GaNQ

    @DNSC_RO

    24 Nov 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. CISA has listed in the KEV the vulnerability CVE-2025-61757 in Identity Manager, part of Oracle Fusion Middleware, which allows an unauthenticated remote attacker with access via HTTP to execute arbitrary code. https://t.co/NznhJl7luc

    @ntsuji

    24 Nov 2025

    2113 Impressions

    1 Retweet

    7 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  27. CISA has added CVE-2025-61757, a critical vulnerability in Oracle Identity Manager, to its Known Exploited Vulnerabilities catalog due to active exploitation. This flaw, with a CVSS score of 9. https://t.co/FIIp9NGJum

    @securityRSS

    24 Nov 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. 🚨 We are drawing attention to an older vulnerability in Oracle Identity Manager (part of Oracle Fusion Middleware), CVE-2025-61757. CISA has published information that the vulnerability is being actively exploited in real-world attacks. This flaw allows unauthenticated remote execution

    @GOVCERT_CZ

    24 Nov 2025

    355 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. 🚨 CISA warns government agencies to patch Oracle Identity Manager CVE-2025-61757 to prevent exploitation! #Cybersecurity #ZeroDay ⚠️ Link: https://t.co/9CENvBUx7B

    @JamaalChalid

    24 Nov 2025

    78 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  30. 🛡️ We added Oracle Fusion Middleware missing authentication for critical function vulnerability CVE-2025-61757 to our Known Exploited Vulnerabilities Catalog& apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/ACCX3sumYV

    @GlobalSecHQ

    23 Nov 2025

    5 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 🚨 Urgent WAF update! 🚨 We've added critical protection against CVE-2025-61757, a serious Oracle Identity Manager vulnerability. Blocking unauthenticated attacks & safeguarding your systems. Stay secure! 🛡️ https://t.co/1aly5KnkQ5

    @mveracf

    23 Nov 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨 Critical WAF update! We've added protection against CVE-2025-61757, a serious Oracle Identity Manager vulnerability. Blocks unauthenticated access & prevents full system compromise. Stay secure! 🛡️ https://t.co/3fj70Kxbys

    @CFchangelog

    23 Nov 2025

    387 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 🚨 Critical security flaw in Oracle Identity Manager CVE-2025-61757 (CVSS 9.8) actively exploited by CISA! Missing authentication can lead to pre-authenticated access. #Cybersecurity #Vulnerabilities #CISA https://t.co/2RcFWC2EvO

    @JamaalChalid

    23 Nov 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. CISA warns of active exploitation of critical Oracle Identity Manager vulnerability (CVE-2025-61757). Agencies must patch by Dec 12, 2025. Link: https://t.co/arvljdJoHx #Security #Patch #Exploit #Oracle #CISA #Alert #Risk #Safety #Software #Threat #Update #Defense #Network https:

    @dailytechonx

    23 Nov 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. Oracle Identity Manager remote code execution vulnerability CVE-2025-61757 https://t.co/PokASxcYV4

    @tdatwja

    23 Nov 2025

    278 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 🚨 New vulnerability analysis published! CISA warns of active attacks exploiting CVE-2025-61757 in Oracle Identity Manager. Learn how to detect, patch, and prevent this critical z

    @PurpleOps_io

    23 Nov 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. 📢 Hot on the blog today: Oracle users face a dangerous zero-day exploit. Learn how CVE-2025-61757 lets attackers bypass auth and escalate privileges fast. Read it here → https://t.co/qAuORvZoiE Let us know your thoughts!

    @PurpleOps_io

    23 Nov 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. CISA Warns of Actively Exploited Oracle Identity Manager Flaw (CVE-2025-61757): Pre-Auth RCE UNDER ACTIVE ATTACK Read the full report on - https://t.co/OwDoMLC9wK https://t.co/ab2Am4uIo4

    @Iambivash007

    23 Nov 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

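  39. [Vulnerability exploitation warning] The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that the critical vulnerability CVE-2025-61757 in Oracle Identity Manager is being exploited in real attacks. This vulnerability, as a zero-d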

    @nakajimeeee

    23 Nov 2025

    512 Impressions

    1 Retweet

    6 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  40. Threat actors are actively exploiting a critical authentication bypass vulnerability (CVE-2025-61757) in Oracle Identity Manager, enabling pre-authenticated remote code execution. This allows attackers to manipulate authentication flows and move laterally across

    @cybernewslive

    22 Nov 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. A recently patched Oracle Identity Manager vulnerability may have been exploited as a zero-day. Tracked as CVE-2025-61757 can allow attackers to manipulate authentication flows, escalate privileges, and move laterally across an organization's core systems. https://t.co/EYV78B3wgC

    @riskigy

    22 Nov 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. Threat actors are exploiting a pre-authentication remote code execution (RCE) vulnerability (CVE-2025-61757) in Oracle Identity Manager, potentially as a zero-day, to gain unauthorized access. This exposes government agencies to immediate risk of compromise and

    @cybernewslive

    22 Nov 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. 🚨 #CVE-2025-61757: The #Oracle Identity Manager Zero-Day Exploit Unpacked – What You Need to Patch NOW https://t.co/llieSxq0Kw Educational Purposes!

    @UndercodeUpdate

    22 Nov 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) https://t.co/1yE48fWviS

    @warthogtk

    22 Nov 2025

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. CISA adds Oracle Identity Manager CVE-2025-61757 to KEV. Pre-auth RCE. Missing authentication for critical function. Actively exploited in wild. Federal agencies patch deadline Dec 12. https://t.co/NB6fTPCH3N

    @billbisthere

    22 Nov 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. Oracle Zero-Day (CVE-2025-61757) Under Active Exploitation, CISA Issues Alert #CyberSecurity #CISA #Oracle #ZeroDay #CVE202561757 #Infosec #DataSecurity #Vulnerability #RCE #CyberThreats https://t.co/URyJzOFt5f

    @cyashadotcom

    22 Nov 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. 🌍 @CISACyber added CVE-2025-61757 - a critical Oracle Identity Manager flaw - to its KEV list after signs of active exploitation. Attackers can bypass auth by appending ?WSDL or ;.wadl, hitting protected endpoints + achieving pre-auth RCE. Researchers say it may have been h

    @TechNadu

    22 Nov 2025

    71 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. GitHub - Jinxia62/Oracle-Identity-Manager-CVE-2025-61757: Oracle Identity Manager remote code execution vulnerability CVE-2025-61757 https://t.co/XbgCrYlkxX

    @akaclandestine

    22 Nov 2025

    2492 Impressions

    9 Retweets

    32 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  49. 🚨 Oracle Identity Manager Pre-Auth RCE Actively Exploited (CVE-2025-61757) CISA added CVE-2025-61757 to KEV—unauthenticated RCE in Oracle Identity Manager is being actively exploited. What's brutal: attackers don't need credentials to execute arbitrary code on enterprise

    @the_c_protocol

    22 Nov 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. 21/11/2025 CISA alerts of active exploitation of CVE-2025-61757 in Oracle Identity Manager. Gov agencies must patch this RCE flaw to prevent attacks. 🛡️ Source: https://t.co/fEgkMJwoen

    @kernyx64

    22 Nov 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations