Number: AV22-030
Date: 19 January 2022
On 18 January 2022 Oracle published a Critical Patch Update Advisory to address vulnerabilities in multiple products. Included were critical updates for the following:
- Enterprise Manager Ops Center – version 12.4.0.0
- Instantis EnterpriseTrack – versions 17.1, 17.2 and 17.3
- Oracle Access Manager – versions 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0
- Oracle Banking APIs – versions 18.1 to 18.3, 19.1, 19.2, 20.1 and 21.1
- Oracle Banking Digital Experience – versions 18.1 to 18.3, 19.1, 19.2, 20.1 and 21.1
- Oracle Business Intelligence Enterprise Edition – versions 12.2.1.3.0 and 12.2.1.4.0
- Oracle Communications Billing and Revenue Management – versions 12.0.0.3 and 12.0.0.4
- Oracle Communications Cloud Native Core Policy – version 1.14.0
- Oracle Communications EAGLE Application Processor – versions 16.1 to 16.4
- Oracle Essbase – versions prior to 11.1.2.4.047 and 21.3
- Oracle Essbase Administration Services – versions prior to 11.1.2.4.047
- Oracle GoldenGate – versions prior to 21.4.0.0.0
- Oracle HTTP Server – versions 12.2.1.3.0, 12.2.1.4.0 and 12.2.1.5.0
- Oracle Insurance Policy Administration J2EE – versions 10.2.0, 10.2.4, 11.0.2 and 11.1.0 to 11.3.0
- Oracle Insurance Rules Palette – versions 10.2.0, 10.2.4, 11.0.2 and 11.1.0 to 11.3.0
- Oracle Secure Backup – versions prior to 18.1.0.1.0
- Oracle Utilities Framework – versions 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0 to 4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0 and 4.4.0.3.0
- Oracle WebLogic Server – versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0
- OSS Support Tools – versions prior to 2.12.42
- PeopleSoft Enterprise PeopleTools – versions 8.57, 8.58 and 8.59
- Primavera Unifier – versions 17.7 to 17.12, 18.8, 19.12, 20.12 and 21.12
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.