Oracle Updates

Your review has been sent successfully

Oracle Updates

2569

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

20 October, 2021

● Critical

2021-3704

All

Description:

Oracle has released security updates to address multiple vulnerabilities in the following products:

Enterprise Manager Base Platform
- 13.4.0.0
- 13.5.0.0
Enterprise Manager for Oracle Database
- 13.4.0.0
Enterprise Manager Ops Center
- 12.4.0.0
Essbase Administration Services
- prior to 11.1.2.4.46
Hyperion Financial Management
- 11.1.2.4
- 11.2.6.0
Hyperion Financial Reporting
- 11.1.2.4
- 11.2.6.0
Hyperion Infrastructure Technology
- 11.2.6.0
Hyperion Planning
- 11.1.2.4
- 11.2.6.0
Instantis EnterpriseTrack
- 17.1
- 17.2
- 17.3
JD Edwards EnterpriseOne Orchestrator
- prior to 9.2.6.0
JD Edwards EnterpriseOne Tools
- prior to 9.2.6.0
JD Edwards World Security
- A9.4
MySQL Client
- 8.0.26 and prior
MySQL Cluster
- 7.4.33 and prior
- 7.5.23 and prior
- 7.6.19 and prior
- 8.0.26 and prior
MySQL Connectors
- 8.0.26 and prior
MySQL Enterprise Monitor
- 8.0.25 and prior
MySQL Server
- 5.7.35 and prior
- 8.0.26 and prior
MySQL Workbench
- 8.0.26 and prior
Oracle Agile PLM
- 9.3.3
- 9.3.6
Oracle Application Express
- versions prior to 21.1.0
Oracle Application Testing Suite
- 13.3.0.1
Oracle Autovue for Agile Product Lifecycle Management
- 21.0.2
Oracle Banking Cash Management
- 14.2
- 14.3
- 14.5
Oracle Banking Corporate Lending Process Management
- 14.2
- 14.3
- 14.5
Oracle Banking Credit Facilities Process Management
- 14.2
- 14.3
- 14.5
Oracle Banking Enterprise Default Management
- 2.10.0
- 2.12.0
Oracle Banking Extensibility Workbench
- 14.2
- 14.3
- 14.5
Oracle Banking Platform
- 2.6.2
- 2.7.1
- 2.9.0
- 2.12.0
Oracle Banking Supply Chain Finance
- 14.2
- 14.3
- 14.5
Oracle Banking Trade Finance Process Management
- 14.2
- 14.3
- 14.5
Oracle Banking Virtual Account Management
- 14.2
- 14.3
- 14.5
Oracle Business Activity Monitoring
- 11.1.1.9.0
- 12.2.1.3.0
- 12.2.1.4.0
Oracle Business Intelligence Enterprise Edition
- 5.5.0.0.0
- 12.2.1.3.0
- 12.2.1.4.0
Oracle Commerce Guided Search
- 11.3.2
Oracle Commerce Merchandising
- 11.3.2
Oracle Communications Application Session Controller
- 3.9
Oracle Communications Billing and Revenue Management
- 7.5.0.0.0
- 12.0.0.3.0
Oracle Communications BRM - Elastic Charging Engine
- 12.0.0.3
Oracle Communications Calendar Server
- 8.0.0.6.0
Oracle Communications Cloud Native Core Network Repository Function
- 1.14.0
Oracle Communications Cloud Native Core Policy
- 1.11.0
Oracle Communications Control Plane Monitor
- 3.4
- 4.2
- 4.3
- 4.4
Oracle Communications Converged Application Server - Service Controller
- 6.2
Oracle Communications Design Studio
- 7.4.2
Oracle Communications Diameter Signaling Router
- 8.0.0.0-8.5.0.0
Oracle Communications EAGLE
Oracle Communications EAGLE FTP Table Base Retrieval
- 4.5
Oracle Communications EAGLE LNP Application Processor
- 46.7
- 46.8
- 46.9
Oracle Communications Element Manager
- 8.2.0.0-8.2.4.0
Oracle Communications Fraud Monitor
- 3.4-4.4
Oracle Communications Interactive Session Recorder
- 6.4
Oracle Communications LSMS
- 13.1-13.4
Oracle Communications Messaging Server
- 8.1
Oracle Communications MetaSolv Solution
- 6.3.1
Oracle Communications Offline Mediation Controller
- 12.0.0.3.0
Oracle Communications Operations Monitor
- 3.4
- 4.2
- 4.3
- 4.4
Oracle Communications Policy Management
- 12.5.0
Oracle Communications Pricing Design Center
- 12.0.0.3.0
Oracle Communications Services Gatekeeper
- 7.0
Oracle Communications Session Border Controller
- 8.4
- 9.0
Oracle Communications Session Report Manager
- 8.0.0.0-8.2.5.0
Oracle Communications Session Route Manager
- 8.0.0.0-8.2.5.0
Oracle Data Integrator
- 12.2.1.4.0
Oracle Database Server
- 12.1.0.2
- 12.2.0.1
- 19c
- 21c
Oracle Documaker
- 12.6.0-12.6.4
Oracle E-Business Suite
- 12.1.1-12.1.3
- 12.2.3-12.2.10
Oracle Enterprise Communications Broker
- 3.2, 3.3
Oracle Enterprise Repository
- 11.1.1.7.0
Oracle Enterprise Telephony Fraud Monitor
- 3.4
- 4.2
- 4.3
- 4.4
Oracle Ethernet Switch ES2-64, Oracle Ethernet Switch ES2-72
- 2.0.0.14
Oracle Financial Services Analytical Applications Infrastructure
- 8.0.6-8.1.1
Oracle Financial Services Enterprise Case Management
- 8.0.7.2.0
- 8.0.8.1.0
Oracle Financial Services Model Management and Governance
- 8.0.8.0.0-8.1.0.0.0
Oracle FLEXCUBE Core Banking
- 11.7
- 11.8
- 11.9
- 11.10
Oracle Global Lifecycle Management OPatch
Oracle GoldenGate
- prior to 19.1.0.0.0.210420
Oracle GoldenGate Application Adapters
- 19.1.0.0.0
Oracle GraalVM Enterprise Edition
- 20.3.3
- 21.2.0
Oracle Graph Server and Client
- prior to 21.3.0
Oracle Health Sciences Central Coding
- 6.2.0
- 6.3.0
Oracle Health Sciences InForm
- 6.3.0
Oracle Healthcare Data Repository
- 7.0.2
- 8.1.0
Oracle Healthcare Foundation
- 7.3
- 8.0
- 8.1
Oracle Hospitality Cruise Shipboard Property Management System
- 20.1.0
Oracle HTTP Server
- 11.1.1.9.0
- 12.2.1.4.0
Oracle Insurance Calculation Engine
- 11.0.0-11.3.1
Oracle Insurance Policy Administration
- 11.0.0-11.3.1
Oracle Java SE
- 7u311
- 8u301
- 11.0.12
- 17
Oracle NoSQL Database
Oracle Outside In Technology
- 8.5.5
Oracle Real User Experience Insight
- 13.4.1.0
- 13.5.1.0
Oracle Real-Time Decision Server
- 3.2.0.0
- 11.1.1.9.0
Oracle REST Data Services
- versions prior to 21.3
Oracle Retail Advanced Inventory Planning
- 14.1
- 15.0
- 16.0
Oracle Retail Assortment Planning
- 16.0
Oracle Retail Back Office
- 14.0
- 14.1
Oracle Retail Bulk Data Integration
- 16.0.3
- 19.0.1
Oracle Retail Central Office
- 14.0
- 14.1
Oracle Retail Customer Management and Segmentation Foundation
- 16.0-19.0
Oracle Retail Extract Transform and Load
- 13.2.8
Oracle Retail Financial Integration
- 14.1.3.2
- 15.0.4.0
- 16.0.3.0
Oracle Retail Integration Bus
- 14.1.3.2
- 15.0.4.0
- 16.0.3.0
- 19.0.1.0
Oracle Retail Merchandising System
- 15.0.3
- 19.0.1
Oracle Retail Point-of-Service
- 14.0
- 14.1
Oracle Retail Predictive Application Server
- 14.1.3
- 15.0.3
- 16.0.3
Oracle Retail Returns Management
- 14.0
- 14.1
Oracle Retail Service Backbone
- 14.1.3.2
- 15.0.4.0
- 16.0.3.0
- 19.0.1.0
Oracle Retail Store Inventory Management
- 14.1
- 15.0
- 16.0
Oracle Secure Backup
- versions prior to 18.1.0.1.0
Oracle Secure Global Desktop
- 5.6
Oracle Solaris
- 11
Oracle Spatial Studio
Oracle SQL Developer
Oracle Transportation Management
- 6.4.3
Oracle Utilities Framework
- 4.2.0.2.0
- 4.2.0.3.0
- 4.3.0.1.0-4.3.0.6.0
- 4.4.0.0.0
- 4.4.0.2.0
- 4.4.0.3.0
Oracle VM VirtualBox
- versions prior to 6.1.28
Oracle WebCenter Portal
- 12.2.1.3.0
- 12.2.1.4.0
Oracle WebCenter Sites
- 12.2.1.3.0
- 12.2.1.4.0
Oracle WebLogic Server
- 10.3.6.0.0
- 12.1.3.0.0
- 12.2.1.3.0
- 12.2.1.4.0
- 14.1.1.0.0
Oracle WebLogic Server Proxy Plug-In
- 12.2.1.3.0
- 12.2.1.4.0
Oracle ZFS Storage Appliance Kit
- 8.8
PeopleSoft Enterprise CC Common Application Objects
- 9.2
PeopleSoft Enterprise CS Academic Advisement
- 9.2
PeopleSoft Enterprise CS Campus Community
- 9.0
- 9.2
PeopleSoft Enterprise CS SA Integration Pack
- 9.0
- 9.2
PeopleSoft Enterprise CS Student Records
- 9.2
PeopleSoft Enterprise PeopleTools
- 8.57
- 8.58
- 8.59
PeopleSoft Enterprise SCM
- 9.2
Primavera Gateway
- 17.12.0-17.12.11
- 18.8.0-18.8.12
- 19.12.0-19.12.11
- 20.12.0-20.12.7
Primavera Unifier
- 17.7-17.12
- 18.8
- 19.12
- 20.12
Siebel Applications
- 21.9 and prior
Tekelec Platform Distribution
- 7.4.0-7.7.1
Tekelec Virtual Operating Environment
- 3.4.0-3.7.1

Threats:

Attacker could exploit these vulnerabilities by executing arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review Oracle security advisory and apply the necessary updates:

https://www.oracle.com/security-alerts/cpuoct2021.html

Last updated at 20 October, 2021

Oracle Updates

Classification

Most Viewed Warnings