This week’s release introduces a critical detection for CVE-2025-61757, a vulnerability in the Oracle Identity Manager REST WebServices component.
Key Findings
This flaw allows unauthenticated attackers with network access over HTTP to fully compromise the Identity Manager, potentially leading to a complete takeover.
Impact
Oracle Identity Manager (CVE-2025-61757): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application’s message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | fa584616fe2241608cb8bd1339fdbe7e | N/A | Oracle Identity Manager – Pre-Auth RCE – CVE:CVE-2025-61757 | N/A | Block | This is a new detection. |
Source: Cloudflare
Latest Posts
- SharePoint site analytics: OneNote usage included in site usage reports [MC1194626]
- Microsoft Excel: Enabling M365 subscribers to use Copilot Chat in locally stored modern workbooks [MC1194615]
- (Updated) Microsoft 365 Copilot: Steer your presentation length, tone, style, and images when creating with Copilot [MC1185911]
- (Updated) Changes to how users install Microsoft 365 apps from the Microsoft 365 Copilot app [MC1062453]
![(Updated) New Copilot button in file previewer for OneDrive and SharePoint [MC1182707]](https://mwpro.co.uk/wp-content/uploads/2025/06/street-art-9614300_1920-96x96.webp "(Updated) New Copilot button in file previewer for OneDrive and SharePoint [MC1182707] 6")
