Warning: Critical vulnerability in Oracle Identity Manager and Oracle Web Services Manager. Patch Immediately!

  • Published: 23/03/2026
  • Last update: 23/03/2026
  • Affected software: Oracle Identity Manager and Oracle Web Services Manager
  • Type: Remote Code Execution (RCE)
  • CVE/CVSS: CVE-2026-21992: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Sources

Vendor Advisory: https://www.oracle.com/security-alerts/alert-cve-2026-21992.html
NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-21992

Risks

This vulnerability is remotely exploitable without authentication. If successfully exploited, it can result in remote code execution, with a high impact on confidentiality, integrity and availability. Oracle rates the vulnerability as easily exploitable, so there is a risk of active exploitation.

Description

Oracle Identity Manager (OIM) is an identity governance platform that automates user lifecycle management across applications and systems. Oracle Web Services Manager (OWSM), installed with an Oracle Fusion Middleware Infrastructure, provides a policy-driven framework for consistently managing and securing web services across the organization.
CVE-2026-21992 affects both the REST WebServices component of OIM and the Web Services Security component of OWSM. It allows an unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager and Oracle Web Services Manager. Successful exploitation of this vulnerability can result in a takeover of Oracle Identity Manager and Oracle Web Services Manager.
Although this patch was released outside the regular update cycle, the vendor did not report any active exploitation in the wild.

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing the updates on vulnerable systems with the highest priority, after thorough testing.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.