Oracle security advisory – October 2021 Quarterly Rollup

Number: AV21-527
Date: 21 October 2021

On 19 October 2021 Oracle published a Critical Patch Update Advisory to address vulnerabilities in multiple products. Included were critical updates for the following:

  • Essbase Administration Services - version 11.1.2.4.046 and prior
  • Oracle Communications Pricing Design Center - version 12.0.0.3.0
  • Oracle Communications Policy Management - version 12.5.0
  • Oracle Communications Diameter Signaling Router - versions 8.0.0.0 to 8.5.0.0
  • Oracle Communications EAGLE LNP Application Processor - versions 46.7, 46.8 and 46.9
  • Oracle Communications Element Manager - versions 8.2.0.0 to 8.2.4.0
  • Oracle Communications LSMS - versions 13.1, 13.2, 13.3 and 13.4
  • Oracle Communications Session Report Manager - versions 8.0.0.0 to 8.2.2.0
  • Oracle Communications Session Route Manager - versions 8.0.0.0 to 8.2.2.0
  • Tekelec Virtual Operating Environment - versions 3.4.0 to 3.7.1
  • Oracle Communications Control Plane Monitor - versions 3.4, 4.2, 4.3 and 4.4
  • Oracle Communications Fraud Monitor - versions 3.4 to 4.4
  • Oracle Communications Operations Monitor - versions 3.4, 4.2, 4.3 and 4.4
  • Oracle Enterprise Telephony Fraud Monitor - versions 3.4, 4.2, 4.3 and 4.4
  • Instantis EnterpriseTrack - versions 17.1, 17.2 and 17.3
  • Enterprise Manager Ops Center - version 12.4.0.0
  • Oracle Banking Virtual Account Management - versions 14.2, 14.3 and 14.5
  • Oracle Banking Corporate Lending Process Management - versions 14.2, 14.3 and 14.5
  • Oracle Banking Credit Facilities Process Management - versions 14.2, 14.3 and 14.5
  • Oracle Banking Supply Chain Finance - versions 14.2, 14.3 and 14.5
  • Oracle FLEXCUBE Core Banking - versions 11.7, 11.8, 11.9 and 11.10
  • Oracle WebCenter Sites - versions 12.2.1.3.0 and 12.2.1.4.0
  • Oracle WebLogic Server - versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0
  • Oracle Healthcare Data Repository - version 8.1.0
  • Oracle Documaker - versions 12.6.0 to 12.6.4
  • Oracle Insurance Policy Administration - versions 11.0.0 to 11.3.1
  • MySQL Cluster - version 8.0.26 and prior
  • MySQL Server - versions 5.7.35 and prior, 8.0.26 and prior
  • PeopleSoft Enterprise PeopleTools - versions 8.57, 8.58 and 8.59
  • Oracle ZFS Storage Appliance Kit - version 8.8

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Oracle Critical Patch Update Advisory - October 2021
https://www.oracle.com/security-alerts/cpuoct2021.html

Note to Readers

The Canadian Centre for Cyber Security (Cyber Centre) operates as part of the Communications Security Establishment.  We are Canada’s national authority on cyber security and we lead the government’s response to cyber security events. As Canada's national computer security incident response team, the Cyber Centre works in close collaboration with government departments, critical infrastructure, Canadian businesses and international partners to prepare for, respond to, mitigate, and recover from cyber events. We do this by providing authoritative advice and support, and coordinating information sharing and incident response. The Cyber Centre is outward-facing, welcoming partnerships that help build a stronger, more resilient cyber space in Canada.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: