EM 13c: Log4j CVE's And Its Impact On Enterprise Manager Cloud Control : Patch Availability Status and Mitigation Plan Details
(Doc ID 2837257.1)
Last updated on MARCH 05, 2024
Applies to:
Enterprise Manager Base Platform - Version 13.3.2.0.0 and laterInformation in this document applies to any platform.
Purpose
In response to Security Alert Log4j CVEs, Oracle has released patches for Oracle Enterprise Manager Cloud Control and its underlying stack. The purpose of this document is to provide you information on how to obtain and apply these security updates. Please note that these patches address all vulnerabilities CVE-2021-44228, CVE-2021-45046,CVE-2021-45105,CVE-2021-44832,CVE-2021-4104 & CVE-2019-17571
Scope
This document applies to Oracle Enterprise Manager 13.5 ,13.4 & 13.3.2 and underlying Oracle Fusion Middleware 12.2.1.4 and 12.2.1.3 products using Log4j 2.X jars.
Any version of OEM which is using Log4j version 1.x and version >= 2.0 and <=2.16
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Purpose |
| Scope |
| Details |
| References |