May 28, 2022

TheCyberThrone

Thinking Security ! Always

Oracle Releases Critical Patch Update January 2022

Oracle has released patches for the vulnerabilities persist in its product line as a part of January 2022 release. Whooping 497 updates has been released .

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to “Critical Patch Updates, Security Alerts and Bulletins” for information about Oracle Security advisories.”

Oracle Statement
Advertisements

The CPU will address critical vulnerabilities in Oracle Essbase, Graph Server and Client, Secure Backup, Communications Applications, Communications, Construction and Engineering, Enterprise Manager, Financial Services Applications, Fusion Middleware, Insurance Applications, PeopleSoft, Support Tools, and Utilities Applications.

Some of the vulnerabilities addressed in this Critical Patch Update impacts multiple products. Oracle also urges its customers to apply Critical Patch Update patches as soon as possible due to the risk of exploitation of the addressed vulnerabilities.

The IT giant pointed out that many of these vulnerabilities can be exploited by remote attackers without authentication. The highest CVSS v3.1 Base Score (10.0) was assigned to vulnerabilities affecting Oracle Communications Applications. The company will also address flaws in Oracle Essbase having a CVSS v3.1 Base Score of 9.9.

High-severity flaws will be fixed in Airlines Data Model, Big Data Graph, Communications Data Model, Commerce, Food and Beverage Applications, E-Business Suite, GoldenGate, Health Sciences Applications, HealthCare Applications, Hospitality Applications, Hyperion, iLearning, JD Edwards, MySQL, Policy Automation, Retail Applications, REST Data Services, Siebel CRM, Supply Chain, Systems, Spatial Studio, and TimesTen In-Memory.

Advertisements
Affected Products and VersionsPatch Availability Document
Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite, version 3.6Oracle Supply Chain Products
Application Performance Management, versions 13.4.1.0, 13.5.1.0Enterprise Manager
Big Data Spatial and Graph, versions prior to 23.1Database
Enterprise Manager Base Platform, versions 13.4.0.0, 13.5.0.0Enterprise Manager
Enterprise Manager Ops Center, version 12.4.0.0Enterprise Manager
Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers, versions prior to XCP2410, prior to XCP3110Systems
Instantis EnterpriseTrack, versions 17.1, 17.2, 17.3Oracle Construction and Engineering Suite
JD Edwards EnterpriseOne Tools, versions prior to 9.2.6.1JD Edwards
MySQL Cluster, versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, 8.0.27 and priorMySQL
MySQL Connectors, versions 8.0.27 and priorMySQL
MySQL Server, versions 5.7.36 and prior, 8.0.27 and priorMySQL
MySQL Workbench, versions 8.0.27 and priorMySQL
Oracle Access Manager, versions 11.1.2.3.0, 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Agile Engineering Data Management, version 6.2.1.0Oracle Supply Chain Products
Oracle Agile PLM, versions 9.3.3, 9.3.6Oracle Supply Chain Products
Oracle Agile PLM MCAD Connector, versions 3.4, 3.6Oracle Supply Chain Products
Oracle Airlines Data Model, versions 12.1.1.0.0, 12.2.0.1.0Oracle Airlines Data Model
Oracle Application Express, versions prior to 21.1.4Database
Oracle Application Testing Suite, version 13.3.0.1Enterprise Manager
Oracle Argus Analytics, versions 8.2.1, 8.2.2, 8.2.3Health Sciences
Oracle Argus Insight, versions 8.2.1, 8.2.2, 8.2.3Health Sciences
Oracle Argus Mart, versions 8.2.1, 8.2.2, 8.2.3Health Sciences
Oracle Argus Safety, versions 8.2.1, 8.2.2, 8.2.3Health Sciences
Oracle Banking APIs, versions 18.1-18.3, 19.1, 19.2, 20.1, 21.1Contact Support
Oracle Banking Deposits and Lines of Credit Servicing, version 2.12.0Contact Support
Oracle Banking Digital Experience, versions 17.2, 18.1-18.3, 19.1, 19.2, 20.1, 21.1Contact Support
Oracle Banking Enterprise Default Management, versions 2.3.0-2.4.1, 2.6.2, 2.7.0, 2.7.1, 2.10.0, 2.12.0Oracle Banking Platform
Oracle Banking Loans Servicing, version 2.12.0Contact Support
Oracle Banking Party Management, version 2.7.0Oracle Banking Platform
Oracle Banking Platform, versions 2.3.0-2.4.1, 2.6.2, 2.7.0, 2.7.1Oracle Banking Platform
Oracle BI Publisher, versions 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Business Activity Monitoring, versions 12.2.1.4.0, 12.2.1.5.0Fusion Middleware
Oracle Business Intelligence Enterprise Edition, versions 5.5.0.0.0, 5.9.0.0.0, 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Business Process Management Suite, versions 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Clinical, versions 5.2.1, 5.2.2Health Sciences
Oracle Commerce Guided Search, version 11.3.2Oracle Commerce
Oracle Commerce Platform, versions 11.3.0, 11.3.1, 11.3.2Oracle Commerce
Oracle Communications Billing and Revenue Management, versions 12.0.0.3, 12.0.0.4Oracle Communications Billing and Revenue Management
Oracle Communications BRM – Elastic Charging Engine, versions 11.3, 12.0Oracle Communications BRM – Elastic Charging Engine
Oracle Communications Calendar Server, version 8.0.0.5.0Oracle Communications Calendar Server
Oracle Communications Cloud Native Core Automated Test Suite, version 1.8.0Oracle Communications Cloud Native Core Automated Test Suite
Oracle Communications Cloud Native Core Binding Support Function, versions 1.9.0, 1.10.0Oracle Communications Cloud Native Core Binding Support Function
Oracle Communications Cloud Native Core Console, version 1.7.0Communications Cloud Native Core Console
Oracle Communications Cloud Native Core Network Function Cloud Native Environment, version 1.9.0Oracle Communications Cloud Native Core Network Function Cloud Native Environment
Oracle Communications Cloud Native Core Network Repository Function, version 1.14.0Oracle Communications Cloud Native Core Network Repository Function
Oracle Communications Cloud Native Core Policy, version 1.14.0Communications Cloud Native Core Policy
Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 1.5.0, 1.6.0, 1.15.0Communications Cloud Native Core Security Edge Protection Proxy
Oracle Communications Cloud Native Core Service Communication Proxy, version 1.14.0Communications Cloud Native Core Service Communication Proxy
Oracle Communications Cloud Native Core Unified Data Repository, version 1.14.0Communications Cloud Native Core Unified Data Repository
Oracle Communications Contacts Server, version 8.0.0.3.0Oracle Communications Contacts Server
Oracle Communications Convergence, version 3.0.2.2.0Oracle Communications Convergence
Oracle Communications Convergent Charging Controller, versions 6.0.1.0.0, 12.0.1.0.0-12.0.4.0.0Oracle Communications Convergent Charging Controller
Oracle Communications Data Model, versions 11.3.2.1.0, 11.3.2.2.0, 11.3.2.3.0, 12.1.0.1.0, 12.1.2.0.0Oracle Communications Data Model
Oracle Communications Design Studio, versions 7.3.4, 7.3.5, 7.4.0, 7.4.1, 7.4.2Oracle Communications Design Studio
Oracle Communications Diameter Signaling Router, versions 8.0.0.0-8.5.1.0Oracle Communications Diameter Signaling Router
Oracle Communications EAGLE Application Processor, versions 16.1-16.4Oracle Communications EAGLE Application Processor
Oracle Communications Instant Messaging Server, version 10.0.1.5.0Oracle Communications Instant Messaging Server
Oracle Communications Interactive Session Recorder, versions 6.3, 6.4Oracle Communications Interactive Session Recorder
Oracle Communications Messaging Server, version 8.1Oracle Communications Messaging Server
Oracle Communications Network Charging and Control, versions 6.0.1.0.0, 12.0.1.0.0-12.0.4.0.0Oracle Communications Network Charging and Control
Oracle Communications Network Integrity, versions 7.3.5, 7.3.6Oracle Communications Network Integrity
Oracle Communications Offline Mediation Controller, version 12.0.0.3Oracle Communications Offline Mediation Controller
Oracle Communications Operations Monitor, versions 3.4, 4.2, 4.3, 4.4, 5.0Oracle Communications Operations Monitor
Oracle Communications Pricing Design Center, versions 12.0.0.3.0, 12.0.0.4.0Oracle Communications Pricing Design Center
Oracle Communications Service Broker, version 6.2Oracle Communications Service Broker
Oracle Communications Services Gatekeeper, version 7.0Oracle Communications Services Gatekeeper
Oracle Communications Session Border Controller, versions 8.2, 8.3, 8.4, 9.0Oracle Communications Session Border Controller
Oracle Communications Unified Inventory Management, versions 7.3.0, 7.3.4, 7.3.5, 7.4.0, 7.4.1, 7.4.2, 7.5.0Oracle Communications Unified Inventory Management
Oracle Communications WebRTC Session Controller, versions 7.2.0, 7.2.1Oracle Communications WebRTC Session Controller
Oracle Data Integrator, versions 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Database Server, versions 12.1.0.2, 12.2.0.1, 19c, 21cDatabase
Oracle Demantra Demand Management, versions 12.2.6-12.2.11Oracle Supply Chain Products
Oracle E-Business Suite, versions 12.2.3-12.2.11Oracle E-Business Suite
Oracle Enterprise Communications Broker, version 3.3Oracle Enterprise Communications Broker
Oracle Enterprise Data Quality, versions 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Enterprise Session Border Controller, versions 8.4, 9.0Oracle Enterprise Session Border Controller
Oracle Essbase, versions prior to 11.1.2.4.47, prior to 21.3Database
Oracle Essbase Administration Services, versions prior to 11.1.2.4.47Database
Oracle Financial Services Analytical Applications Infrastructure, versions 8.0.7-8.1.1Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform, versions 8.0.7, 8.0.8, 8.1.1Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Enterprise Case Management, versions 8.0.7, 8.0.8, 8.1.1Oracle Financial Services Enterprise Case Management
Oracle Financial Services Foreign Account Tax Compliance Act Management, versions 8.0.7, 8.0.8, 8.1.1Contact Support
Oracle Financial Services Model Management and Governance, versions 8.0.8-8.1.1Oracle Financial Services Model Management and Governance
Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition, versions 8.0.7, 8.0.8Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition
Oracle FLEXCUBE Investor Servicing, versions 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.4.0, 14.5.0Contact Support
Oracle FLEXCUBE Private Banking, versions 12.0.0, 12.1.0Contact Support
Oracle Fusion Middleware, versions 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle Fusion Middleware MapViewer, version 12.2.1.4.0Fusion Middleware
Oracle GoldenGate, versions prior to 12.3.0.1, prior to 19.1.0.0.220118, prior to 21.4.0.0.0, prior to 21.5.0.0.220118Database
Oracle GraalVM Enterprise Edition, versions 20.3.4, 21.3.0Java SE
Oracle Graph Server and Client, versions prior to 21.4Database
Oracle Health Sciences Clinical Development Analytics, version 4.0.1Health Sciences
Oracle Health Sciences InForm CRF Submit, version 6.2.1Health Sciences
Oracle Health Sciences Information Manager, versions 3.0.2, 3.0.3HealthCare Applications
Oracle Healthcare Data Repository, versions 7.0.2, 8.1.0, 8.1.1HealthCare Applications
Oracle Healthcare Foundation, versions 7.3.0.0-7.3.0.2, 8.0.0-8.0.2, 8.1.0-8.1.1HealthCare Applications
Oracle Healthcare Translational Research, version 4.1.0HealthCare Applications
Oracle Hospitality Cruise Shipboard Property Management System, version 20.1.0Oracle Hospitality Cruise Shipboard Property Management System
Oracle Hospitality OPERA 5, version 5.6Oracle Hospitality OPERA 5 Property Services
Oracle Hospitality Reporting and Analytics, version 9.1.0Oracle Hospitality Reporting and Analytics
Oracle Hospitality Suite8, versions 8.10.2, 8.11.0, 8.12.0, 8.13.0, 8.14.0Oracle Hospitality Suite8
Oracle HTTP Server, versions 12.2.1.3.0, 12.2.1.4.0, 12.2.1.5.0Fusion Middleware
Oracle Hyperion Infrastructure Technology, version 11.2.7.0Fusion Middleware
Oracle iLearning, versions 6.2, 6.3iLearning
Oracle Insurance Data Gateway, versions 11.0.2, 11.1.0, 11.2.7, 11.3.0, 11.3.1Oracle Insurance Applications
Oracle Insurance Insbridge Rating and Underwriting, versions 5.2.0, 5.4.0-5.6.0Oracle Insurance Applications
Oracle Insurance Policy Administration, versions 11.0.2, 11.1.0, 11.2.7, 11.3.0, 11.3.1Oracle Insurance Applications
Oracle Insurance Policy Administration J2EE, versions 10.2.0, 10.2.4, 11.0.2, 11.1.0-11.3.0Oracle Insurance Applications
Oracle Insurance Rules Palette, versions 10.2.0, 10.2.4, 11.0.2, 11.1.0-11.3.0, 11.3.1Oracle Insurance Applications
Oracle Java SE, versions 7u321, 8u311, 11.0.13, 17.1Java SE
Oracle Managed File Transfer, versions 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle NoSQL Database, versions prior to 21.1.12NoSQL Database
Oracle Policy Automation, versions 12.2.0-12.2.24Oracle Policy Automation
Oracle Product Lifecycle Analytics, version 3.6.1Oracle Supply Chain Products
Oracle Rapid Planning, versions 12.2.6-12.2.11Oracle Supply Chain Products
Oracle Real User Experience Insight, versions 13.4.1.0, 13.5.1.0Enterprise Manager
Oracle REST Data Services, versions prior to 21.2.4Database
Oracle Retail Allocation, versions 14.1.3.2, 15.0.3.1, 16.0.3, 19.0.1Retail Applications
Oracle Retail Analytics, version 21.0.1Retail Applications
Oracle Retail Assortment Planning, version 16.0.3Retail Applications
Oracle Retail Back Office, version 14.1Retail Applications
Oracle Retail Central Office, version 14.1Retail Applications
Oracle Retail Customer Insights, version 21.0.1Retail Applications
Oracle Retail Customer Management and Segmentation Foundation, versions 16.0-19.0Retail Applications
Oracle Retail EFTLink, versions 16.0.3, 17.0.2, 18.0.1, 19.0.1, 20.0.1Retail Applications
Oracle Retail Extract Transform and Load, version 13.2.8Retail Applications
Oracle Retail Financial Integration, versions 14.1.3.2, 15.0.3.1, 16.0.3, 19.0.1Retail Applications
Oracle Retail Fiscal Management, version 14.2Retail Applications
Oracle Retail Integration Bus, versions 14.1.3.0, 14.1.3.2, 15.0.3.1, 16.0.1-16.0.3, 19.0.0, 19.0.1Retail Applications
Oracle Retail Invoice Matching, versions 15.0.3, 16.0.3Retail Applications
Oracle Retail Merchandising System, version 19.0.1Retail Applications
Oracle Retail Order Broker, versions 16.0, 18.0, 19.1Retail Applications
Oracle Retail Order Management System, version 19.5Retail Applications
Oracle Retail Point-of-Service, version 14.1Retail Applications
Oracle Retail Predictive Application Server, versions 14.1.3, 14.1.3.46, 15.0.3, 15.0.3.115, 16.0.3, 16.0.3.240Retail Applications
Oracle Retail Price Management, versions 13.2, 14.0.4, 14.1, 14.1.3, 15, 15.0.3, 16, 16.0.3Retail Applications
Oracle Retail Returns Management, version 14.1Retail Applications
Oracle Retail Service Backbone, versions 14.1.3.0, 14.1.3.2, 15.0.3.1, 16.0.1-16.0.3, 19.0.0, 19.0.1Retail Applications
Oracle Retail Size Profile Optimization, version 16.0.3Retail Applications
Oracle Retail Xstore Point of Service, versions 17.0.4, 18.0.3, 19.0.2, 20.0.1Retail Applications
Oracle SD-WAN Aware, version 8.2Oracle SD-WAN Aware
Oracle SD-WAN Edge, versions 9.0, 9.1Oracle SD-WAN Edge
Oracle Secure Backup, versions prior to 18.1.0.1.0Oracle Secure Backup
Oracle Solaris, versions 10, 11Systems
Oracle Spatial Studio, versions prior to 21.2.1Database
Oracle Thesaurus Management System, versions 5.2.3, 5.3.0, 5.3.1Health Sciences
Oracle TimesTen In-Memory Database, versions prior to 11.2.2.8.27, prior to 21.1.1.1.0Database
Oracle Utilities Framework, versions 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0-4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0Oracle Utilities Applications
Oracle Utilities Testing Accelerator, versions 6.0.0.1.1, 6.0.0.2.2, 6.0.0.3.1Oracle Utilities Applications
Oracle VM VirtualBox, versions prior to 6.1.32Virtualization
Oracle WebCenter Portal, versions 12.2.1.3.0, 12.2.1.4.0Fusion Middleware
Oracle WebLogic Server, versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0Fusion Middleware
Oracle ZFS Storage Appliance Kit, version 8.8Systems
Oracle ZFS Storage Application Integration Engineering Software, version 1.3.3Systems
OSS Support Tools, versions prior to 2.12.42Oracle Support Tools
PeopleSoft Enterprise CS SA Integration Pack, versions 9.0, 9.2PeopleSoft
PeopleSoft Enterprise PeopleTools, versions 8.57, 8.58, 8.59PeopleSoft
Primavera Analytics, versions 18.8.3.3, 19.12.11.1, 20.12.12.0Oracle Construction and Engineering Suite
Primavera Data Warehouse, versions 18.8.3.3, 19.12.11.1, 20.12.12.0Oracle Construction and Engineering Suite
Primavera Gateway, versions 17.12.0-17.12.11, 18.8.0-18.8.13, 19.12.0-19.12.12, 20.12.0-20.12.7, 21.12.0Oracle Construction and Engineering Suite
Primavera P6 Enterprise Project Portfolio Management, versions 17.12.0.0-17.12.20.0, 18.8.0.0-18.8.24.0, 19.12.0.0-19.12.18.0, 20.12.0.0-20.12.12.0, 21.12.0.0Oracle Construction and Engineering Suite
Primavera P6 Professional Project Management, versions 17.12.0.0-17.12.20.0, 18.8.0.0-18.8.24.0, 19.12.0.0-19.12.17.0, 20.12.0.0-20.12.9.0Oracle Construction and Engineering Suite
Primavera Portfolio Management, versions 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0, 20.0.0.1Oracle Construction and Engineering Suite
Primavera Unifier, versions 17.7-17.12, 18.8, 19.12, 20.12, 21.12Oracle Construction and Engineering Suite
Siebel Applications, versions 21.11 and priorSiebel
%d bloggers like this: