Apache Log4j Security Alert CVE-2021-44228 also referencing CVE-2021-45046 Mitigation on Oracle Enterprise Performance Management
(Doc ID 2828262.1)
Last updated on JUNE 23, 2023
Applies to:
Oracle Hyperion Tax Provision - Version 11.2.0.0.000 and laterHyperion Profitability and Cost Management - Version 11.2.0.0.000 and later
Hyperion Financial Data Quality Management, Enterprise Edition - Version 11.2.0.0.000 and later
Hyperion Financial Management - Version 11.2.0.0.000 and later
Hyperion Financial Close Management - Version 11.2.0.0.000 and later
Information in this document applies to any platform.
Purpose
CVE-2021-45046 has been determined to impact Oracle Enterprise Performance Management [Product ID 4392] via the Apache Log4j open source component it ships.
This supersedes earlier comments around CVE-2021-44228 based on updated guidance by the National Vulnerability Database (NVD) and Apache.
Scope
This document provides mitigation steps to alleviate the impact associated with CVE-2021-45046 (and the original CVE-2021-44228) for Oracle Enterprise Performance Management.
Note: Version 11.1.2.4 of the above products are not impacted by these CVEs.
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Purpose |
Scope |
Details |
References |