Aviso de actualizacion de parche crítico de Oracle

Edificio oracle

Estas actualizaciones son acumulativas y se publican periódicamente para abordar vulnerabilidades de seguridad recientes

Torre del Mar 20 de enero 2023
Un Critical Patch Update (CPU) es una actualización de seguridad de Oracle que contiene parches para corregir vulnerabilidades en el código de Oracle y en los componentes de terceros incluidos en sus productos. Estas actualizaciones son acumulativas y se publican periódicamente para abordar vulnerabilidades de seguridad recientes. Es importante revisar y aplicar estas actualizaciones de forma oportuna ya que los atacantes pueden explotar vulnerabilidades no corregidas.

Oracle recomienda encarecidamente que los clientes apliquen parches de seguridad lo antes posible. Para los clientes que se han saltado una o más actualizaciones de parches críticos y están preocupados por los productos que no tienen parches de seguridad anunciados en esta actualización de parches críticos, revise los avisos de actualizaciones de parches críticos anteriores para determinar las acciones apropiadas.

Los parches publicados a través del programa Critical Patch Update se proporcionan solo para las versiones del producto que están cubiertas por las fases Premier Support o Extended Support de la Política de soporte de por vida. Oracle recomienda que los clientes planifiquen actualizaciones de productos para asegurarse de que los parches publicados a través del programa Critical Patch Update estén disponibles para las versiones que están ejecutando actualmente.

Las versiones de productos que no se encuentran bajo Soporte Premier o Soporte Extendido no se prueban para detectar la presencia de vulnerabilidades abordadas por esta Actualización de Parche Crítica. Sin embargo, es probable que las versiones anteriores de las versiones afectadas también se vean afectadas por estas vulnerabilidades. Como resultado, Oracle recomienda que los clientes actualicen a las versiones compatibles.

Los productos de base de datos, Fusion Middleware y Oracle Enterprise Manager están parcheados de acuerdo con la política de soporte de corrección de errores de software que se explica en My Oracle Support Note 209768.1. Revise las Políticas de soporte técnico para obtener más pautas sobre las políticas de soporte y las fases de soporte.

Los boletines de terceros de Solaris se utilizan para anunciar parches de seguridad para software de terceros distribuidos con Oracle Solaris. Los clientes de Solaris 10 deben consultar los conjuntos de parches más recientes que contienen parches de seguridad críticos detallados en el documento de disponibilidad de parches de sistemas. Consulte el índice de referencia de ID de CVE y parches de Solaris (Mi nota de soporte de Oracle 1448883.1) para obtener más información.

Los usuarios que ejecutan Java SE con un navegador pueden descargar la última versión desde https://java.com. Los usuarios de las plataformas Windows y Mac OS X también pueden usar actualizaciones automáticas para obtener la última versión.

Las vulnerabilidades que afectan a Oracle Solaris pueden afectar a Oracle ZFSSA, por lo que los clientes de Oracle deben consultar el Documento de conocimiento de actualización de parches críticos de Oracle and Sun Systems Product Suite, My Oracle Support Note 2160904.1 para obtener información sobre las revisiones mínimas de los parches de seguridad necesarios para resolver los problemas de ZFSSA publicados en Actualizaciones de parches críticos. y boletines de terceros de Solaris.

Las vulnerabilidades de seguridad abordadas por esta actualización de parche crítico afectan a los productos que se enumeran a continuación.

Big Data Spatial and Graph, versions prior to 21.4.3, prior to 23.1.0 Database

Enterprise Manager Base Platform, versions 13.4.0.0, 13.5.0.0 Enterprise Manager

Enterprise Manager Ops Center, version 12.4.0.0 Enterprise Manager

Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers, versions prior to XCP2411, prior to XCP3111, prior to XCP4011 Systems

GoldenGate Stream Analytics, versions prior to 19.1.0.0.8 Database

GoldenGate Veridata, versions prior to 12.2.1.4.220831 Database

JD Edwards EnterpriseOne Orchestrator, versions prior to 9.2.7.2 JD Edwards

JD Edwards EnterpriseOne Tools, versions prior to 9.2.7.2 JD Edwards

Management Cloud Engine, version 22.1.0.0.0 Oracle Management Cloud Engine

Management Pack for Oracle GoldenGate, versions prior to 12.2.1.2.221115 Database

Middleware Common Libraries and Tools, versions 12.2.1.4.0, 14.1.1.0.0 Fusion Middleware

MySQL Cluster, versions 7.4.38 and prior, 7.5.28 and prior, 7.6.24 and prior, 8.0.31 and prior MySQL

MySQL Connectors, versions 8.0.31 and prior MySQL

MySQL Enterprise Monitor, versions 8.0.32 and prior MySQL

MySQL Server, versions 5.7.40 and prior, 8.0.31 and prior MySQL

MySQL Shell, versions 8.0.31 and prior MySQL

MySQL Workbench, versions 8.0.31 and prior MySQL

Oracle Access Manager, version 12.2.1.4.0 Fusion Middleware

Oracle Agile PLM, version 9.3.6 Oracle Supply Chain Products

Oracle AutoVue, versions prior to 21.0.2.6 Oracle Supply Chain Products

Oracle Banking Enterprise Default Management, versions 2.6.2, 2.7.0, 2.7.1, 2.12.0 Oracle Banking Platform

Oracle Banking Loans Servicing, versions 2.8.0, 2.12.0 Oracle Banking Platform

Oracle Banking Party Management, version 2.7.0 Oracle Banking Platform

Oracle Banking Platform, versions 2.6.2, 2.7.1, 2.9.0, 2.12.0 Oracle Banking Platform

Oracle BI Publisher, versions 5.9.0.0.0, 6.4.0.0.0, 12.2.1.4.0 Oracle Analytics

Oracle Business Intelligence Enterprise Edition, versions 5.9.0.0.0, 6.4.0.0.0 Oracle Analytics

Oracle Coherence, versions 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 Fusion Middleware

Oracle Commerce Guided Search, version 11.3.2 Oracle Commerce

Oracle Communications Billing and Revenue Management, versions 12.0.0.4.0-12.0.0.7.0 Oracle Communications Billing and Revenue Management

Oracle Communications BRM - Elastic Charging Engine, versions 12.0.0.3.0-12.0.0.7.0 Oracle Communications BRM - Elastic Charging Engine

Oracle Communications Calendar Server, version 8.0.0.6.0 Oracle Communications Calendar Server

Oracle Communications Cloud Native Core Automated Test Suite, versions 22.2.2, 22.3.1, 22.4.0 Oracle Communications Cloud Native Core Automated Test Suite

Oracle Communications Cloud Native Core Binding Support Function, versions 22.1.0, 22.1.1, 22.2.0, 22.2.1, 22.2.2, 22.2.4, 22.3.0-22.4.0 Oracle Communications Cloud Native Core Binding Support Function

Oracle Communications Cloud Native Core Console, versions 22.3.0, 22.4.0 Oracle Communications Cloud Native Core Console

Oracle Communications Cloud Native Core Network Data Analytics Function, version 22.0.0.0.0 Oracle Communications Cloud Native

Core Network Data Analytics Function

Oracle Communications Cloud Native Core Network Exposure Function, versions 22.3.1, 22.4.0 Oracle Communications Cloud Native Core

Network Exposure Function

Oracle Communications Cloud Native Core Network Function Cloud Native Environment, version 22.3.0 Oracle Communications Cloud Native

Core Network Function Cloud Native Environment

Oracle Communications Cloud Native Core Network Repository Function, versions 22.3.0, 22.3.2 Oracle Communications Cloud Native

Core Network Repository Function

Oracle Communications Cloud Native Core Network Slice Selection Function, versions 22.3.1, 22.4.1 Oracle Communications Cloud Native Core Network Slice Selection Function

Oracle Communications Cloud Native Core Policy, versions 1.11.0, 22.3.0, 22.4.0 Oracle Communications Cloud Native Core Policy

Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 22.3.1, 22.4.0 Oracle Communications Cloud Native Core Security Edge Protection Proxy

Oracle Communications Cloud Native Core Unified Data Repository, versions 22.2.2, 22.2.3, 22.3.3, 22.3.4, 22.4.0 Oracle Communications Cloud Native Core Unified Data Repository

Oracle Communications Contacts Server, version 8.0.0.7.0 Oracle Communications Contacts Server

Oracle Communications Converged Application Server, versions 7.1.0, 8.0.0 Oracle Communications Converged Application Server

Oracle Communications Convergence, version 3.0.3.1.0 Oracle Communications Convergence

Oracle Communications Design Studio, version 7.4.2 Oracle Communications Design Studio

Oracle Communications Diameter Intelligence Hub, version 8.2.3.0 Oracle Communications Diameter Signaling Router

Oracle Communications Diameter Signaling Router, version 8.6.0.0 Oracle Communications Diameter Signaling Router

Oracle Communications Elastic Charging Engine, versions 12.0.0.3.0-12.0.0.7.0 Oracle Communications BRM - Elastic Charging Engine

Oracle Communications Instant Messaging Server, version 10.0.1.6.0 Oracle Communications Instant Messaging Server

Oracle Communications Messaging Server, version 8.1.0.20.0 Oracle Communications Messaging Server

Oracle Communications MetaSolv Solution, version 6.3.1 Oracle Communications MetaSolv Solution

Oracle Communications Order and Service Management, version 7.4.0 Oracle Communications Order and Service Management

Oracle Communications Performance Intelligence Center (PIC) Software, version 10.4.0.4.1 Oracle Communications Performance Intelligence Center (PIC) Software

Oracle Communications Pricing Design Center, versions 12.0.0.5.0-12.0.0.7.0 Oracle Communications Pricing Design Center

Oracle Communications Unified Assurance, versions 5.5.0-5.5.9, 6.0.0-6.0.1 Oracle Communications Unified Assurance

Oracle Communications Unified Inventory Management, versions 7.4.0-7.4.2, 7.5.0 Oracle Communications Unified Inventory Management

Oracle Database Server, versions 19c, 21c, [Perl] prior to 5.35 Database

Oracle Demantra Demand Management, versions 12.1, 12.2, 12.2.7, 12.2.8, 12.2.9, 12.2.10, 12.2.11, 12.2.12 Oracle Supply Chain Products

Oracle Documaker, versions 12.4.0-12.7.0 Oracle Insurance Applications

Oracle E-Business Suite, versions 12.2.3-12.2.12 Oracle E-Business Suite

Oracle Essbase, version 21.4 Database

Oracle Financial Services Crime and Compliance Management Studio, version 8.0.8.3.1 Oracle Financial Services Crime and Compliance Management Studio

Oracle Fusion Middleware MapViewer, version 12.2.1.4.0 Fusion Middleware

Oracle Global Lifecycle Management NextGen OUI Framework, versions prior to 13.9.4.2.11 Fusion Middleware

Oracle Global Lifecycle Management OPatchAuto, versions [DB] prior to 12.2.0.1.35 Global Lifecycle Management

Oracle GraalVM Enterprise Edition, versions 20.3.8, 21.3.4, 22.3.0 Java SE

Oracle Graph Server and Client, versions prior to 21.4.3, prior to 22.4.0, prior to 23.1.0 Database

Oracle Health Sciences Empirica Signal, versions 9.1.0.52, 9.2.0.52 Health Sciences

Oracle Healthcare Data Repository, versions 8.1.0.0-8.1.3.1 HealthCare Applications

Oracle Healthcare Translational Research, versions 4.1.0.0-4.1.1.1 HealthCare Applications

Oracle Hospitality Cruise Shipboard Property Management System, version 20.2.2 Oracle Hospitality Cruise Shipboard Property Management System

Oracle Hospitality Gift and Loyalty, version 9.1.0 Oracle Hospitality Gift and Loyalty

Oracle Hospitality Labor Management, version 9.1.0 Oracle Hospitality Labor Management

Oracle Hospitality Reporting and Analytics, version 9.1.0 Oracle Hospitality Reporting and Analytics

Oracle Hospitality Simphony, versions 18.2.11, 19.3.4 Oracle Hospitality Simphony

Oracle HTTP Server, version 12.2.1.4.0 Fusion Middleware

Oracle Hyperion Infrastructure Technology, version 11.2.10 Oracle Enterprise Performance Management

Oracle Java SE, versions 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1 Java SE

Oracle Middleware Common Libraries and Tools, version 12.2.1.4.0 Fusion Middleware

Oracle Outside In Technology, version 8.5.6 Fusion Middleware

Oracle Retail Service Backbone, versions 14.1.3.2, 15.0.3.1, 16.0.3 Retail Applications

Oracle SD-WAN Aware, versions 8.2.1.9.0, 9.0.1.4.0 Oracle SD-WAN Aware

Oracle Solaris, versions 10, 11 Systems

Oracle Spatial Studio, versions prior to 22.3.0 Database

Oracle Stream Analytics, versions prior to 19.1.0.0.8 Database

Oracle TimesTen In-Memory Database, versions prior to 11.2.2.8.65 Database

Oracle Utilities Framework, versions 4.3.0.5.0, 4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0, 4.5.0.0.0 Oracle Utilities Applications

Oracle Utilities Network Management System, versions 2.3.0.2, 2.4.0.1, 2.5.0.0-2.5.0.2 Oracle Utilities Applications

Oracle VM VirtualBox, versions prior to 6.1.42, prior to 7.0.6 Virtualization

Oracle Web Services Manager, version 12.2.1.4.0 Fusion Middleware

Oracle WebCenter Content, version 12.2.1.4.0 Fusion Middleware

Oracle WebCenter Sites, version 12.2.1.4.0 Fusion Middleware

Oracle WebLogic Server, versions 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 Fusion Middleware

OSS Support Tools, versions 2.12.43, 22.2.22.4.5, 22.4.22.10.18 Oracle Support Tools

PeopleSoft Enterprise CC Common Application Objects, version 9.2 PeopleSoft

PeopleSoft Enterprise CS Academic Advisement, version 9.2 PeopleSoft

PeopleSoft Enterprise PeopleTools, versions 8.58, 8.59, 8.60 PeopleSoft

Primavera Gateway, versions 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10, 21.12.0-21.12.8 Oracle Construction and

Engineering Suite

Primavera Unifier, versions 18.8, 19.12, 20.12, 21.12, 22.12 Oracle Construction and Engineering Suite

Siebel Applications, versions 22.10 and prior Siebel


Fuente

CVE-2023-21839

CVE-2023-21832

CVE-2023-21846

CVE-2023-21847

CVE-2023-21861

CVE-2023-21891

CVE-2023-21892

CVE-2023-21885

CVE-2023-21889

CVE-2023-21898

CVE-2023-21899

CVE-2023-21894

CVE-2023-21886

CVE-2023-21883

CVE-2023-21888

CVE-2023-21835

CVE-2023-21841

CVE-2023-21843

CVE-2023-21829

CVE-2023-21834

CVE-2023-21827

CVE-2023-21890

CVE-2023-21838

CVE-2023-21884

CVE-2023-21830

CVE-2023-21837

CVE-2023-21872

CVE-2023-21878

CVE-2023-21879

CVE-2023-21880

CVE-2023-21881

CVE-2023-21893

CVE-2021-3737

CVE-2022-42003

CVE-2022-39429

CVE-2020-10735

CVE-2018-25032

CVE-2022-42004

CVE-2022-21597

CVE-2021-37750

CVE-2022-45047

CVE-2022-42889

CVE-2020-10878

CVE-2020-10543

CVE-2020-12723

CVE-2022-1122

CVE-2021-29338

CVE-2022-3171

CVE-2022-22970

CVE-2022-3509

CVE-2022-3510

CVE-2022-42252

CVE-2022-38752

CVE-2022-25857

CVE-2022-38749

CVE-2022-38750

CVE-2022-38751

CVE-2022-2274

CVE-2022-42915

CVE-2022-2068

CVE-2022-2097

CVE-2022-42916

CVE-2022-31129

CVE-2022-25647

CVE-2020-36518

CVE-2020-13956

CVE-2022-2048

CVE-2022-2047

CVE-2022-2191

CVE-2020-13920

CVE-2022-22971

CVE-2022-22950

CVE-2022-33980

CVE-2022-37434

CVE-2022-22965

CVE-2019-17571

CVE-2022-22978

CVE-2022-37454

CVE-2022-31692

CVE-2021-41411

CVE-2023-21848

CVE-2022-32212

CVE-2020-16156

CVE-2022-40150

CVE-2022-34917

CVE-2022-35737

CVE-2022-40146

CVE-2022-41720

CVE-2022-39271

CVE-2021-43797

CVE-2022-36055

CVE-2022-30126

CVE-2023-21824

CVE-2020-15250

CVE-2021-4104

CVE-2022-23302

CVE-2022-23305

CVE-2020-14392

CVE-2020-14393

CVE-2022-22976

CVE-2022-25169

CVE-2022-31690

CVE-2022-32213

CVE-2022-32214

CVE-2022-32215

CVE-2022-38398

CVE-2022-38648

CVE-2022-40149

CVE-2022-41717

CVE-2022-4200

CVE-2022-43403

CVE-2022-2526

CVE-2022-27404

CVE-2022-25315

CVE-2018-1273

CVE-2022-24407

CVE-2022-21824

CVE-2022-24903

CVE-2022-1304

CVE-2022-40304

CVE-2022-0492

CVE-2022-2509

CVE-2022-2053

CVE-2022-41881

CVE-2022-4147

CVE-2022-0084

CVE-2022-0934

CVE-2022-1319

CVE-2022-30293

CVE-2022-3028

CVE-2022-29824

CVE-2022-31629

CVE-2022-34305

CVE-2021-40528

CVE-2022-24823

CVE-2020-0466

CVE-2021-0920

CVE-2021-4155

CVE-2021-3629

CVE-2022-1259

CVE-2022-2764

CVE-2021-44531

CVE-2021-44532

CVE-2021-21290

CVE-2022-25235

CVE-2022-25236

CVE-2022-25313

CVE-2022-25314

CVE-2022-27405

CVE-2022-27406

CVE-2022-31625

CVE-2022-21499

CVE-2022-31626

CVE-2022-31627

CVE-2022-31628

CVE-2022-40303

CVE-2022-41915

CVE-2022-29885

CVE-2022-41853

CVE-2022-43404

CVE-2021-21708

CVE-2021-23358

CVE-2023-21849

CVE-2023-21858

CVE-2023-21857

CVE-2023-21856

CVE-2023-21852

CVE-2023-21851

CVE-2023-21853

CVE-2023-21855

CVE-2023-21854

CVE-2023-21825

CVE-2022-31813

CVE-2022-26377

CVE-2022-28614

CVE-2022-28615

CVE-2022-29404

CVE-2022-30522

CVE-2022-30556

CVE-2022-36033

CVE-2021-2351

CVE-2023-21828

CVE-2023-21826

CVE-2021-44832

CVE-2021-41184

CVE-2021-41182

CVE-2021-41183

CVE-2021-44228

CVE-2022-40664

CVE-2018-7489

CVE-2022-42920

CVE-2020-11987

CVE-2023-21862

CVE-2021-36770

CVE-2022-27782

CVE-2021-42717

CVE-2022-43680

CVE-2022-23457

CVE-2021-36090

CVE-2022-40153

CVE-2023-21842

CVE-2021-3181

CVE-2022-24329

CVE-2020-10693

CVE-2023-21859

CVE-2017-7536

CVE-2021-31811

CVE-2021-35515

CVE-2021-35516

CVE-2021-35517

CVE-2022-23307

CVE-2022-24891

CVE-2022-27778

CVE-2022-27779

CVE-2022-27780

CVE-2022-27781

CVE-2022-30115

CVE-2022-23308

CVE-2021-30641

CVE-2022-22721

CVE-2022-23221

CVE-2021-36483

CVE-2021-31805

CVE-2022-23437

CVE-2022-43548

CVE-2022-3602

CVE-2022-3786

CVE-2022-26336

CVE-2022-32221

CVE-2020-36242

CVE-2022-1941

CVE-2023-21868

CVE-2023-21860

CVE-2023-21875

CVE-2023-21869

CVE-2023-21877

CVE-2023-21871

CVE-2023-21836

CVE-2023-21887

CVE-2023-21863

CVE-2023-21864

CVE-2023-21865

CVE-2023-21866

CVE-2023-21867

CVE-2023-21870

CVE-2023-21873

CVE-2023-21876

CVE-2023-21840

CVE-2023-21882

CVE-2023-21874

CVE-2022-35260

CVE-2021-3918

CVE-2023-21844

CVE-2023-21845

CVE-2023-21831

CVE-2020-27844

CVE-2022-34169

CVE-2022-24839

CVE-2023-21850

CVE-2019-12415

CVE-2019-7317

CVE-2018-21010

CVE-2019-12973

CVE-2020-15389

CVE-2020-27814

CVE-2020-2784

CVE-2020-27842

CVE-2020-27843

CVE-2020-27845

CVE-2021-37533

CVE-2022-23219

CVE-2023-21900

CVE-2022-23218

CVE-2020-10683

CVE-2020-11979

CVE-2021-45105

CVE-2021-29425

CVE-2019-12402







Notificacion de vulnerabilidad en Cisco Prime Data Center Network Manager File Infomation - CVE-2015-0666
Notificacion de vulnerabilidad en Cisco Prime Data Center Network Manager File Infomation - CVE-2015-0666