Oracle Updates
1790Warning Date
Severity Level
Warning Number
Target Sector
15 April, 2020
● Critical
2020-1145
All
Description:
Oracle has released security update to address 397 vulnerabilities in the following products
- Oracle Database server
- Oracle Global Lifecycle Management
- Oracle Secure Backup
- Oracle Communications Applications
- Oracle Construction and Engineering
- Oracle E-Business Suite
- Oracle Enterprise Manager
- Oracle Financial Services Applications
- Oracle Food and Beverage Applications
- Oracle Fusion Middleware
- Oracle GraalVM
- Oracle Health Sciences Applications
- Oracle Hyperion
- Oracle Java SE
- Oracle JD Edwards
- Oracle Knowledge
- Oracle MySQL
- Oracle PeopleSoft
- Oracle Retail Applications
- Oracle Siebel CRM
- Oracle Supply Chain
- Oracle Support Tools
- Oracle Systems
- Oracle Utilities Applications
- Oracle Virtualization
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of Service (DoS)
- Programs crash
- update, insert or delete data
- Execute arbitrary operation remotely
- Take control of programs
- Access sensitive data
Best practice and Recommendations:
The CERT team encourages users to review Oracle security advisory and apply the necessary updates:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixEM