Number: AV22-030
Date: 19 January 2022

On 18 January 2022 Oracle published a Critical Patch Update Advisory to address vulnerabilities in multiple products. Included were critical updates for the following:

  • Enterprise Manager Ops Center – version 12.4.0.0
  • Instantis EnterpriseTrack – versions 17.1, 17.2 and 17.3
  • Oracle Access Manager – versions 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0
  • Oracle Banking APIs – versions 18.1 to 18.3, 19.1, 19.2, 20.1 and 21.1
  • Oracle Banking Digital Experience – versions 18.1 to 18.3, 19.1, 19.2, 20.1 and 21.1
  • Oracle Business Intelligence Enterprise Edition – versions 12.2.1.3.0 and 12.2.1.4.0
  • Oracle Communications Billing and Revenue Management – versions 12.0.0.3 and 12.0.0.4
  • Oracle Communications Cloud Native Core Policy – version 1.14.0
  • Oracle Communications EAGLE Application Processor – versions 16.1 to 16.4
  • Oracle Essbase – versions prior to 11.1.2.4.047 and 21.3
  • Oracle Essbase Administration Services – versions prior to 11.1.2.4.047
  • Oracle GoldenGate – versions prior to 21.4.0.0.0
  • Oracle HTTP Server – versions 12.2.1.3.0, 12.2.1.4.0 and 12.2.1.5.0
  • Oracle Insurance Policy Administration J2EE – versions 10.2.0, 10.2.4, 11.0.2 and 11.1.0 to 11.3.0
  • Oracle Insurance Rules Palette – versions 10.2.0, 10.2.4, 11.0.2 and 11.1.0 to 11.3.0
  • Oracle Secure Backup – versions prior to 18.1.0.1.0
  • Oracle Utilities Framework – versions 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0 to 4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0 and 4.4.0.3.0
  • Oracle WebLogic Server – versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0
  • OSS Support Tools – versions prior to 2.12.42
  • PeopleSoft Enterprise PeopleTools – versions 8.57, 8.58 and 8.59
  • Primavera Unifier – versions 17.7 to 17.12, 18.8, 19.12, 20.12 and 21.12

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Oracle Critical Patch Update Advisory – January 2022
 



Source link