CVE-2025-61757βOracle Fusion Middleware Missing Authentication for Critical Function Vulnerability
PUBLISHEDvulnerability record
2025-11-21 Β· last modified December 22, 2025
Metadata
Vulnerability Name
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability
Description
Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.
Known To Be Used in Ransomware Campaigns?
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.