Datawiza
Back to blog
March 26, 2025BlogIndustry

Oracle Cloud Breach & CVE‑2021‑35587: Migrating from Oracle Access Manager (OAM) to Modern Identity Providers with Datawiza

castle-3415423_1280

Recently, CVE‑2021‑35587—a critical flaw in Oracle Access Manager (OAM) within Oracle Fusion Middleware—has raised concerns about breaches in Oracle Cloud environments. This blog explains the risks of continuing with legacy OAM solutions and shows how migrating to modern identity platforms can strengthen your security posture. Datawiza Access Proxy is the key to achieving a seamless transition.

Understanding the Risks: Legacy Systems and CVE‑2021‑35587

Oracle Access Manager has long been relied upon for Single Sign-On (SSO) and authentication management. However, CVE‑2021‑35587—a vulnerability with a CVSS score of 9.8—allows unauthenticated attackers to execute remote code via HTTP. This vulnerability can lead to:

  • Remote Code Execution: Attackers may take complete control of your authentication systems.
  • Data Exposure: Sensitive assets, such as Java KeyStore (JKS) files, encrypted SSO/LDAP credentials, and key files, are at risk.
  • Supply Chain Risks: A breach in OAM can create cascading security issues across interconnected systems.

The Impact on Your Organization

When vulnerabilities like CVE‑2021‑35587 are exploited, the implications can be severe:

  • Mass Data Exposure: Millions of records—including sensitive authentication data—could be compromised.
  • Credential and Key Compromise: Even if credentials are encrypted, sophisticated attackers may eventually decipher them.
  • Financial and Reputational Damage: Extortion attempts and operational downtime can result in costly recovery efforts.
  • Operational Disruption: Legacy systems lacking modern security controls may lead to prolonged downtime and expensive remediation.

The Benefits of Migrating to Modern Identity Platforms

Modern identity platforms such as Microsoft Entra ID, Okta, Cisco Duo, PingOne and others deliver far greater security and flexibility. Key advantages include:

  • Enhanced Security: Built-in Multi-Factor Authentication (MFA), Zero Trust principles, and continuous monitoring drastically reduce risk.
  • Regular Updates and Patching: Cloud-based identity solutions are maintained and updated continuously to protect against emerging threats.
  • Streamlined Integration: Modern IAM solutions seamlessly integrate with your entire digital ecosystem, including cloud-native apps, containers, and orchestration platforms like Kubernetes.

How Datawiza Helps Migrate from OAM

Datawiza Access Proxy simplifies migration from Oracle Access Manager to modern identity providers like Microsoft Entra ID, Okta, Cisco Duo, and more—all without rewriting your applications. Here’s a simplified overview:

migrate from oam via datawiza
migrate from oam via datawiza
  1. Request interception acts like OAM’s WebGate to capture user requests.
  2. User authentication redirections to your chosen identity provider for SSO and MFA.
  3. Claims injection securely re-injects verified identity claims back into protected applications.

The Benefits of Datawiza Access Proxy

  • Identity Provider Agnostic: Easily switch to any modern identity provider in minutes with no vendor lock-in.
  • High Performance: Optimized for speed and scalability, ensuring a fast and reliable authentication experience.
  • Flexible Deployment: Runs on traditional VMs as well as Docker and Kubernetes.

This streamlined approach enhances security, reduces legacy risks, and accelerates your migration to a modern, scalable identity management solution.

Taking Action: Steps to Secure Your Identity Infrastructure

If you’re still relying on Oracle Access Manager, consider these immediate steps:

  • Conduct a Security Audit: Evaluate your current environment for vulnerabilities like CVE‑2021‑35587.
  • Reset and Update Credentials: Rotate passwords and enforce MFA, especially for privileged accounts.
  • Plan Your Migration: Engage with DataWiza to develop a customized migration strategy that minimizes disruption.
  • Implement Continuous Monitoring: Set up real-time alerts to detect suspicious activity and ensure rapid incident response.
  • Collaborate with Security Experts: Partner with cybersecurity professionals to continuously review and enhance your security posture.

Conclusion

The risks posed by legacy systems such as Oracle Access Manager are too great to ignore—especially in light of vulnerabilities like CVE‑2021‑35587 and the recent discussions around Oracle Cloud Breach. Migrating to a modern identity platform—whether it’s Microsoft Entra ID, Okta, Cisco Duo, or another leading provider—not only mitigates these risks but also delivers a robust, scalable, and future-proof solution. Datawiza Access Proxy enables a seamless migration by modernizing your access management without disrupting your applications.

If you’re ready to upgrade your security posture and protect your enterprise from evolving threats, get in touch with Datawiza today or book a demo for a firsthand look at our solution.

Datawiza is Easy to Get Started

Sign up to secure your AI agents and critical enterprise apps

Try Datawiza