My Oracle Support Banner

EM 13c: Log4j CVE's And Its Impact On Enterprise Manager Cloud Control : Patch Availability Status and Mitigation Plan Details (Doc ID 2837257.1)

Last updated on DECEMBER 12, 2023

Applies to:

Enterprise Manager Base Platform - Version 13.3.2.0.0 and later
Information in this document applies to any platform.

Purpose

 In response to Security Alert Log4j CVEs, Oracle has released patches for Oracle Enterprise Manager Cloud Control and its underlying stack. The purpose of this document is to provide you information on how to obtain and apply these security updates. Please note that these patches address all vulnerabilities CVE-2021-44228, CVE-2021-45046,CVE-2021-45105,CVE-2021-44832,CVE-2021-4104 & CVE-2019-17571

Scope

This document applies to Oracle Enterprise Manager 13.5 ,13.4 & 13.3.2 and underlying Oracle Fusion Middleware 12.2.1.4 and 12.2.1.3 products using Log4j 2.X jars.
Any version of OEM which is using Log4j version 1.x and version >= 2.0 and <=2.16

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.