Oracle Corporation has issued a security alert advisory for a critical vulnerability discovered in its Oracle Identity Manager that can result in total compromise of the software suite via an unauthenticated network attack. A fix is now available via Oracle's Fusion Middleware product offering.

Designated CVE-2017-10151, the bug has earned a Common Vulnerability Scoring System (CVSS) base score of 10.0, and specifically resides within the "Default Account" component of Oracle Identity Manager. The flaw affects versions,,,,, and of the software package, which providers users with identity and access management technologies.