CVE-2021-44228 / CVE-2021-45046 Impact On Oracle WebCenter Sites (Doc ID 2828507.1)

Last updated on APRIL 10, 2024

Applies to:

Oracle WebCenter Sites - Version 12.2.1.3.0 to 12.2.1.4.0 [Release FatWire]
Information in this document applies to any platform.

Purpose

In response to Security Alert CVE-2021-44228, Oracle has released patches for Oracle WebCenter Sites. The purpose of this document is to provide you information on how to obtain and apply these security updates. Please note that these patches address both vulnerabilities CVE-2021-44228 and CVE-2021-45046.

Scope

This document applies to Oracle WebCenter Sites 12.2.1.3.0 and 12.2.1.4.0

Note: For WebCenter Sites 11g, as the out-of-the-box included log4j libraries are 1.x, it is not impacted by CVE-2021-44228 / CVE-2021-45046
- Apache reported that CVE-2021-44228 / CVE-2021-45046 mitigation applies to Log4j v2 prior to 2.16.0, including 2.15, and does not apply to Log4j versions 1.x.

Details

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

CVE-2021-44228 / CVE-2021-45046 Impact On Oracle WebCenter Sites (Doc ID 2828507.1)

Applies to:

Purpose

Scope

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!