The official site for Saudi CERT
Oracle Updates
2315
Warning Date
Severity Level
Warning Number
Target Sector
22 July, 2021
● Critical
2021-3239
All
Description:
Oracle has released security update to address 342 vulnerabilities in the following products:
- Big Data Spatial and Graph
- prior to 2.0
- prior to 23.1
- Enterprise Manager Base Platform
- 13.4.0.0
- Essbase
- 21.2
- Essbase Analytic Provider Services
- 11.1.2.4
- 21.2
- Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers
- prior to XCP2400
- prior to XCP3100
- Hyperion Essbase Administration Services
- 11.1.2.4
- 21.2
- Hyperion Financial Reporting
- 11.1.2.4
- 11.2.5.0
- Hyperion Infrastructure Technology
- 11.1.2.4
- 11.2.5.0
- Identity Manager
- 11.1.2.2.0
- 11.1.2.3.0
- 12.2.1.3.0
- 12.2.1.4.0
- Instantis EnterpriseTrack
- 17.1
- 17.2
- 17.3
- JD Edwards EnterpriseOne Orchestrator
- 9.2.5.3 and prior
- JD Edwards EnterpriseOne Tools
- 9.2.5.3 and prior
- MICROS Compact Workstation 3
- 310
- MICROS ES400 Series
- 400
- 410
- MICROS Kitchen Display System Hardware
- 210
- MICROS Workstation 5A
- 5A
- MICROS Workstation 6
- 610
- 655
- MySQL Cluster
- 8.0.25 and prior
- MySQL Connectors
- 8.0.23 and prior
- MySQL Enterprise Monitor
- 8.0.23 and prior
- MySQL Server
- 5.7.34 and prior
- 8.0.25 and prior
- Oracle Access Manager
- 11.1.2.3.0
- Oracle Agile Engineering Data Management
- 6.2.1.0
- Oracle Agile PLM
- 9.3.3
- 9.3.5
- 9.3.6
- Oracle Application Express
- prior to 21.1.0.0.4
- Oracle Application Express (CKEditor)
- prior to 21.1.0.0.1
- Oracle Application Express Application Builder (DOMPurify)
- prior to 21.1.0.0.1
- Oracle Application Testing Suite
- 13.3.0.1
- Oracle BAM (Business Activity Monitoring)
- 11.1.1.9.0
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle Banking Enterprise Default Management
- 2.10.0
- 2.12.0
- Oracle Banking Liquidity Management
- 14.2
- 14.3
- 14.5
- Oracle Banking Party Management
- 2.7.0
- Oracle Banking Platform
- 2.4.0
- 2.7.1
- 2.9.0
- 2.12.0
- Oracle Banking Treasury Management
- 14.4
- Oracle BI Publisher
- 5.5.0.0.0
- 11.1.1.7.0
- 11.1.1.9.0
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle Business Intelligence Enterprise Edition
- 12.2.1.4.0
- Oracle Coherence
- 3.7.1.0
- 12.1.3.0.0
- 12.2.1.3.0
- 12.2.1.4.0
- 14.1.1.0.0
- Oracle Commerce Guided Search
- 11.3.2
- Oracle Commerce Guided Search / Oracle Commerce Experience Manager
- 11.3.1.5
- 11.3.2
- Oracle Commerce Merchandising
- 11.1.0
- 11.2.0
- 11.3.0-11.3.2
- Oracle Commerce Platform
- 11.0.0
- 11.1.0
- 11.2.0
- 11.3.0-11.3.2
- Oracle Commerce Service Center
- 11.0.0
- 11.1.0
- 11.2.0
- 11.3.0-11.3.2
- Oracle Communications Application Session Controller
- 3.9
- Oracle Communications Billing and Revenue Management
- 7.5.0.23.0
- 12.0.0.3.0
- Oracle Communications BRM - Elastic Charging Engine
- 11.3.0.9.0
- 12.0.0.3.0
- Oracle Communications Cloud Native Core Console
- 1.4.0
- Oracle Communications Cloud Native Core Network Function Cloud Native Environment
- 1.4.0
- 1.7.0
- Oracle Communications Cloud Native Core Network Slice Selection Function
- 1.2.1
- Oracle Communications Cloud Native Core Policy
- 1.5.0
- 1.9.0
- Oracle
- 1.7.0
- Oracle Communications Cloud Native Core Service Communication Proxy
- 1.5.2
- Oracle Communications Cloud Native Core Unified Data Repository
- 1.4.0
- 1.6.0
- Oracle Communications Convergent Charging Controller
- 12.0.4.0.0
- Oracle Communications Design Studio
- 7.4.2
- Oracle Communications Diameter Signaling Router (DSR)
- 8.0.0-8.5.0
- Oracle Communications EAGLE Software
- 46.6.0-46.8.2
- Oracle Communications Evolved Communications Application Server
- 7.1
- Oracle Communications Instant Messaging Server
- 10.0.1.4.0
- Oracle Communications Network Charging and Control
- 6.0.1.0
- 12.0.1.0-12.0.4.0
- 12.0.4.0.0
- Oracle Communications Offline Mediation Controller
- 12.0.0.3.0
- Oracle Communications Pricing Design Center
- 12.0.0.3.0
- Oracle Communications Services Gatekeeper
- 7.0, 8.2
- Oracle Communications Unified Inventory Management
- 7.3.2
- 7.3.4
- 7.3.5
- 7.4.0
- 7.4.1
- Oracle Configuration Manager
- 12.1.2.0.8
- Oracle Data Integrator
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle Database Server
- 12.1.0.2
- 12.2.0.1
- 19c
- Oracle E-Business Suite
- 12.1.1-12.1.3
- 12.2.3-12.2.10
- Oracle Enterprise Data Quality
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle Enterprise Repository
- 11.1.1.7.0
- Oracle Financial Services Analytical Applications Infrastructure
- 8.0.6-8.0.9
- 8.1.0
- 8.1.1
- Oracle Financial Services Crime and Compliance Investigation Hub
- 20.1.2
- Oracle Financial Services Regulatory Reporting with AgileREPORTER
- 8.0.9.6.3
- Oracle Financial Services Revenue Management and Billing Analytics
- 2.7.0
- 2.8.0
- Oracle FLEXCUBE Private Banking
- 12.0.0
- 12.1.0
- Oracle FLEXCUBE Universal Banking
- 12.0-12.4
- 14.0-14.4.0
- Oracle MapViewer
- 12.2.1.4.0
- Oracle GoldenGate Application Adapters
- 19.1.0.0.0
- Oracle GraalVM Enterprise Edition
- 20.3.2
- 21.1.0
- Oracle Hospitality Reporting and Analytics
- 9.1.0
- Oracle Hospitality Suite8
- 8.13
- 8.14
- Oracle Hyperion BI+
- 11.1.2.4
- 11.2.5.0
- Oracle Insurance Policy Administration
- 11.0.2
- 11.1.0-11.3.0
- Oracle Insurance Policy Administration J2EE
- 11.0.2
- Oracle Insurance Rules Palette
- 11.0.2
- 11.1.0-11.3.0
- Oracle Java SE
- 7u301
- 8u291
- 11.0.11
- 16.0.1
- Oracle JDeveloper
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle JDeveloper and ADF
- 12.2.1.4.0
- Oracle Managed File Transfer
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle Outside In Technology
- 8.5.5
- Oracle Policy Automation
- 12.2.0-12.2.22
- Oracle Retail Back Office
- 14.1
- Oracle Retail Central Office
- 14.1
- Oracle Retail Customer Engagement
- 16.0-19.0
- Oracle Retail Customer Management and Segmentation Foundation
- 16.0-19.0
- Oracle Retail Financial Integration
- 14.1.3.2
- 15.0.3.1
- 16.0.3.0
- Oracle Retail Integration Bus
- 14.1.3.2
- 15.0.3.1
- 16.0.3.0
- Oracle Retail Merchandising System
- 14.1.3.2
- 15.0.3.1
- 16.0.3
- Oracle Retail Order Broker
- 15.0
- 16.0
- Oracle Retail Order Management System Cloud Service
- 19.5
- Oracle Retail Point-of-Service
- 14.1
- Oracle Retail Price Management
- 14.0
- 14.1
- 15.0
- 16.0
- Oracle Retail Returns Management
- 14.1
- Oracle Retail Service Backbone
- 14.1.3.2
- 15.0.3.1
- 16.0.3.0
- Oracle Retail Xstore Point of Service
- 16.0.6
- 17.0.4
- 18.0.3
- 19.0.2
- 20.0.1
- Oracle SD-WAN Aware
- 8.2
- 9.0
- Oracle SD-WAN Edge
- 8.2
- 9.0
- 9.1
- Oracle Secure Global Desktop
- 5.6
- Oracle Solaris
- 11
- Oracle Solaris Cluster
- 4.4
- Oracle Transportation Management
- 6.4.3
- Oracle VM VirtualBox
- prior to 6.1.24
- Oracle WebCenter Portal
- 11.1.1.9.0
- 12.2.1.3.0
- 12.2.1.4.0
- Oracle WebLogic Server
- 10.3.6.0.0
- 12.1.3.0.0
- 12.2.1.3.0
- 12.2.1.4.0
- 14.1.1.0.0
- Oracle ZFS Storage Appliance Kit
- 8.8
- OSS Support Tools
- prior to 2.12.41
- PeopleSoft Enterprise CS Campus Community
- 9.0
- 9.2
- PeopleSoft Enterprise HCM Candidate Gateway
- 9.2
- PeopleSoft Enterprise HCM Shared Components
- 9.2
- PeopleSoft Enterprise PeopleTools
- 8.57
- 8.58
- 8.58.8.59
- 8.59
- PeopleSoft Enterprise PT PeopleTools
- 8.57
- 8.58
- 8.59
- Primavera Gateway
- 17.12.0-17.12.11
- 18.8.0-18.8.11
- 19.12.0-19.12.10
- 20.12.0
- Primavera P6 Enterprise Project Portfolio Management
- 17.12.0-17.12.20
- 18.8.0-18.8.23
- 19.12.0-19.12.14
- 20.12.0-20.12.3
- Primavera Unifier
- 17.7-17.12
- 18.8
- 19.12
- 20.12
- Real-Time Decisions (RTD) Solutions
- 3.2.0.0
- Siebel Applications
- 21.5 and prior
- StorageTek Tape Analytics SW Tool
- 2.3
Threats:
Attacker could exploit these vulnerabilities by executing arbitrary code.
Best practice and Recommendations:
The CERT team encourages users to review Oracle security advisory and apply the necessary updates:
Rate the content
Share the page
