My Oracle Support Banner

EM 13c: Log4j CVE's And Its Impact On Enterprise Manager Cloud Control : Patch Availability Status and Mitigation Plan Details (Doc ID 2837257.1)

Last updated on DECEMBER 12, 2023

Applies to:

Enterprise Manager Base Platform - Version and later
Information in this document applies to any platform.


 In response to Security Alert Log4j CVEs, Oracle has released patches for Oracle Enterprise Manager Cloud Control and its underlying stack. The purpose of this document is to provide you information on how to obtain and apply these security updates. Please note that these patches address all vulnerabilities CVE-2021-44228, CVE-2021-45046,CVE-2021-45105,CVE-2021-44832,CVE-2021-4104 & CVE-2019-17571


This document applies to Oracle Enterprise Manager 13.5 ,13.4 & 13.3.2 and underlying Oracle Fusion Middleware and products using Log4j 2.X jars.
Any version of OEM which is using Log4j version 1.x and version >= 2.0 and <=2.16


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.