EM 13c: Concerning the Log4J Libraries Installed with Trace File Analyzer as Part of Enterprise Manager 13c Coud Control
(Doc ID 2846795.1)
Last updated on APRIL 27, 2022
Applies to:
Enterprise Manager Base Platform - Version 13.4.0.0.0 and laterInformation in this document applies to any platform.
Goal
Trace File Analyzer (TFA) installs with Enterprise Manager (EM) 13.4 Cloud Control and includes the following libraries:
/opt/oracle.tfa/tfa/common/jlib/log4j-api-2.11.2.jar
/opt/oracle.tfa/tfa/common/jlib/log4j-core-2.11.2.jar
These libraries are not secure and must be mitigated according to this reference:
<Note 2828296.1> Security Alert For CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 Patch Availability Document for Oracle Enterprise Manager Cloud Control
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
References |