Your review has been sent successfully

Oracle Updates

3342
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

20 October, 2021

● Critical

2021-3704

All

Description:

Oracle has released security updates to address multiple vulnerabilities in the following products:

  • Enterprise Manager Base Platform
    • 13.4.0.0
    • 13.5.0.0
  • Enterprise Manager for Oracle Database
    • 13.4.0.0
  • Enterprise Manager Ops Center
    • 12.4.0.0
  • Essbase Administration Services
    • prior to 11.1.2.4.46
  • Hyperion Financial Management
    • 11.1.2.4
    • 11.2.6.0
  • Hyperion Financial Reporting
    • 11.1.2.4
    • 11.2.6.0
  • Hyperion Infrastructure Technology
    • 11.2.6.0
  • Hyperion Planning
    • 11.1.2.4
    • 11.2.6.0
  • Instantis EnterpriseTrack
    • 17.1
    • 17.2
    • 17.3
  • JD Edwards EnterpriseOne Orchestrator
    • prior to 9.2.6.0
  • JD Edwards EnterpriseOne Tools
    • prior to 9.2.6.0
  • JD Edwards World Security
    • A9.4
  • MySQL Client
    • 8.0.26 and prior
  • MySQL Cluster
    • 7.4.33 and prior
    • 7.5.23 and prior
    • 7.6.19 and prior
    • 8.0.26 and prior
  • MySQL Connectors
    • 8.0.26 and prior
  • MySQL Enterprise Monitor
    • 8.0.25 and prior
  • MySQL Server
    • 5.7.35 and prior
    • 8.0.26 and prior
  • MySQL Workbench
    • 8.0.26 and prior
  • Oracle Agile PLM
    • 9.3.3
    • 9.3.6
  • Oracle Application Express
    • versions prior to 21.1.0
  • Oracle Application Testing Suite
    • 13.3.0.1
  • Oracle Autovue for Agile Product Lifecycle Management
    • 21.0.2
  • Oracle Banking Cash Management
    • 14.2
    • 14.3
    • 14.5
  • Oracle Banking Corporate Lending Process Management
    • 14.2
    • 14.3
    • 14.5
  • Oracle Banking Credit Facilities Process Management
    • 14.2
    • 14.3
    • 14.5
  • Oracle Banking Enterprise Default Management
    • 2.10.0
    • 2.12.0
  • Oracle Banking Extensibility Workbench
    • 14.2
    • 14.3
    • 14.5
  • Oracle Banking Platform
    • 2.6.2
    • 2.7.1
    • 2.9.0
    • 2.12.0
  • Oracle Banking Supply Chain Finance
    • 14.2
    • 14.3
    • 14.5
  • Oracle Banking Trade Finance Process Management
    • 14.2
    • 14.3
    • 14.5
  • Oracle Banking Virtual Account Management
    • 14.2
    • 14.3
    • 14.5
  • Oracle Business Activity Monitoring
    • 11.1.1.9.0
    • 12.2.1.3.0
    • 12.2.1.4.0
  • Oracle Business Intelligence Enterprise Edition
    • 5.5.0.0.0
    • 12.2.1.3.0
    • 12.2.1.4.0
  • Oracle Commerce Guided Search
    • 11.3.2
  • Oracle Commerce Merchandising
    • 11.3.2
  • Oracle Communications Application Session Controller
    • 3.9
  • Oracle Communications Billing and Revenue Management
    • 7.5.0.0.0
    • 12.0.0.3.0
  • Oracle Communications BRM - Elastic Charging Engine
    • 12.0.0.3
  • Oracle Communications Calendar Server
    • 8.0.0.6.0
  • Oracle Communications Cloud Native Core Network Repository Function
    • 1.14.0
  • Oracle Communications Cloud Native Core Policy
    • 1.11.0
  • Oracle Communications Control Plane Monitor
    • 3.4
    • 4.2
    • 4.3
    • 4.4
  • Oracle Communications Converged Application Server - Service Controller
    • 6.2
  • Oracle Communications Design Studio
    • 7.4.2
  • Oracle Communications Diameter Signaling Router
    • 8.0.0.0-8.5.0.0
  • Oracle Communications EAGLE
  • Oracle Communications EAGLE FTP Table Base Retrieval
    • 4.5
  • Oracle Communications EAGLE LNP Application Processor
    • 46.7
    • 46.8
    • 46.9
  • Oracle Communications Element Manager
    • 8.2.0.0-8.2.4.0
  • Oracle Communications Fraud Monitor
    • 3.4-4.4
  • Oracle Communications Interactive Session Recorder
    • 6.4
  • Oracle Communications LSMS
    • 13.1-13.4
  • Oracle Communications Messaging Server
    • 8.1
  • Oracle Communications MetaSolv Solution
    • 6.3.1
  • Oracle Communications Offline Mediation Controller
    • 12.0.0.3.0
  • Oracle Communications Operations Monitor
    • 3.4
    • 4.2
    • 4.3
    • 4.4
  • Oracle Communications Policy Management
    • 12.5.0
  • Oracle Communications Pricing Design Center
    • 12.0.0.3.0
  • Oracle Communications Services Gatekeeper
    • 7.0
  • Oracle Communications Session Border Controller
    • 8.4
    • 9.0
  • Oracle Communications Session Report Manager
    • 8.0.0.0-8.2.5.0
  • Oracle Communications Session Route Manager
    • 8.0.0.0-8.2.5.0
  • Oracle Data Integrator
    • 12.2.1.4.0
  • Oracle Database Server
    • 12.1.0.2
    • 12.2.0.1
    • 19c
    • 21c
  • Oracle Documaker
    • 12.6.0-12.6.4
  • Oracle E-Business Suite
    • 12.1.1-12.1.3
    • 12.2.3-12.2.10
  • Oracle Enterprise Communications Broker
    • 3.2, 3.3
  • Oracle Enterprise Repository
    • 11.1.1.7.0
  • Oracle Enterprise Telephony Fraud Monitor
    • 3.4
    • 4.2
    • 4.3
    • 4.4
  • Oracle Ethernet Switch ES2-64, Oracle Ethernet Switch ES2-72
    • 2.0.0.14
  • Oracle Financial Services Analytical Applications Infrastructure
    • 8.0.6-8.1.1
  • Oracle Financial Services Enterprise Case Management
    • 8.0.7.2.0
    • 8.0.8.1.0
  • Oracle Financial Services Model Management and Governance
    • 8.0.8.0.0-8.1.0.0.0
  • Oracle FLEXCUBE Core Banking
    • 11.7
    • 11.8
    • 11.9
    • 11.10
  • Oracle Global Lifecycle Management OPatch
  • Oracle GoldenGate
    • prior to 19.1.0.0.0.210420
  • Oracle GoldenGate Application Adapters
    • 19.1.0.0.0
  • Oracle GraalVM Enterprise Edition
    • 20.3.3
    • 21.2.0
  • Oracle Graph Server and Client
    • prior to 21.3.0
  • Oracle Health Sciences Central Coding
    • 6.2.0
    • 6.3.0
  • Oracle Health Sciences InForm
    • 6.3.0
  • Oracle Healthcare Data Repository
    • 7.0.2
    • 8.1.0
  • Oracle Healthcare Foundation
    • 7.3
    • 8.0
    • 8.1
  • Oracle Hospitality Cruise Shipboard Property Management System
    • 20.1.0
  • Oracle HTTP Server
    • 11.1.1.9.0
    • 12.2.1.4.0
  • Oracle Insurance Calculation Engine
    • 11.0.0-11.3.1
  • Oracle Insurance Policy Administration
    • 11.0.0-11.3.1
  • Oracle Java SE
    • 7u311
    • 8u301
    • 11.0.12
    • 17
  • Oracle NoSQL Database
  • Oracle Outside In Technology
    • 8.5.5
  • Oracle Real User Experience Insight
    • 13.4.1.0
    • 13.5.1.0
  • Oracle Real-Time Decision Server
    • 3.2.0.0
    • 11.1.1.9.0
  • Oracle REST Data Services
    • versions prior to 21.3
  • Oracle Retail Advanced Inventory Planning
    • 14.1
    • 15.0
    • 16.0
  • Oracle Retail Assortment Planning
    • 16.0
  • Oracle Retail Back Office
    • 14.0
    • 14.1
  • Oracle Retail Bulk Data Integration
    • 16.0.3
    • 19.0.1
  • Oracle Retail Central Office
    • 14.0
    • 14.1
  • Oracle Retail Customer Management and Segmentation Foundation
    • 16.0-19.0
  • Oracle Retail Extract Transform and Load
    • 13.2.8
  • Oracle Retail Financial Integration
    • 14.1.3.2
    • 15.0.4.0
    • 16.0.3.0
  • Oracle Retail Integration Bus
    • 14.1.3.2
    • 15.0.4.0
    • 16.0.3.0
    • 19.0.1.0
  • Oracle Retail Merchandising System
    • 15.0.3
    • 19.0.1
  • Oracle Retail Point-of-Service
    • 14.0
    • 14.1
  • Oracle Retail Predictive Application Server
    • 14.1.3
    • 15.0.3
    • 16.0.3
  • Oracle Retail Returns Management
    • 14.0
    • 14.1
  • Oracle Retail Service Backbone
    • 14.1.3.2
    • 15.0.4.0
    • 16.0.3.0
    • 19.0.1.0
  • Oracle Retail Store Inventory Management
    • 14.1
    • 15.0
    • 16.0
  • Oracle Secure Backup
    • versions prior to 18.1.0.1.0
  • Oracle Secure Global Desktop
    • 5.6
  • Oracle Solaris
    • 11
  • Oracle Spatial Studio
  • Oracle SQL Developer
  • Oracle Transportation Management
    • 6.4.3
  • Oracle Utilities Framework
    • 4.2.0.2.0
    • 4.2.0.3.0
    • 4.3.0.1.0-4.3.0.6.0
    • 4.4.0.0.0
    • 4.4.0.2.0
    • 4.4.0.3.0
  • Oracle VM VirtualBox
    • versions prior to 6.1.28
  • Oracle WebCenter Portal
    • 12.2.1.3.0
    • 12.2.1.4.0
  • Oracle WebCenter Sites
    • 12.2.1.3.0
    • 12.2.1.4.0
  • Oracle WebLogic Server
    • 10.3.6.0.0
    • 12.1.3.0.0
    • 12.2.1.3.0
    • 12.2.1.4.0
    • 14.1.1.0.0
  • Oracle WebLogic Server Proxy Plug-In
    • 12.2.1.3.0
    • 12.2.1.4.0
  • Oracle ZFS Storage Appliance Kit
    • 8.8
  • PeopleSoft Enterprise CC Common Application Objects
    • 9.2
  • PeopleSoft Enterprise CS Academic Advisement
    • 9.2
  • PeopleSoft Enterprise CS Campus Community
    • 9.0
    • 9.2
  • PeopleSoft Enterprise CS SA Integration Pack
    • 9.0
    • 9.2
  • PeopleSoft Enterprise CS Student Records
    • 9.2
  • PeopleSoft Enterprise PeopleTools
    • 8.57
    • 8.58
    • 8.59
  • PeopleSoft Enterprise SCM
    • 9.2
  • Primavera Gateway
    • 17.12.0-17.12.11
    • 18.8.0-18.8.12
    • 19.12.0-19.12.11
    • 20.12.0-20.12.7
  • Primavera Unifier
    • 17.7-17.12
    • 18.8
    • 19.12
    • 20.12
  • Siebel Applications
    • 21.9 and prior
  • Tekelec Platform Distribution
    • 7.4.0-7.7.1
  • Tekelec Virtual Operating Environment
    • 3.4.0-3.7.1

Threats:

Attacker could exploit these vulnerabilities by executing arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review Oracle security advisory and apply the necessary updates:

Last updated at 20 October, 2021

Rate the content

rate-icon
up icon