My Oracle Support Banner

Security Vulnerability FAQ for Oracle On Premises Products (Doc ID 42.1)

Last updated on SEPTEMBER 27, 2024

Applies to:

Oracle WebLogic Server - Version 12.2.1.4.0 to 12.2.1.4.0 [Release 12c]
Information in this document applies to any platform.

Purpose

This My Oracle Support document seeks to provide helpful security information and guidance to Oracle customers who use On Premises products.  It covers the most frequently asked questions.  It is not an exhaustive list - if your question is not addressed below, please open an SR so that Oracle Support may assist you.

Scope

The questions and answers provided within this FAQ are derived from the following Oracle Security sites:

Critical Patch Updates and Security Alerts
https://www.oracle.com/technetwork/topics/security/alerts-086861.html

Security Vulnerability Fixing Policy and Process
https://www.oracle.com/corporate/security-practices/assurance/vulnerability/security-fixing.html

Announcements of Third-Party Component Updates
https://www.oracle.com/security-alerts/thirdpartycomponents.html

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Purpose
Scope
Details
 How Can I Determine if My Oracle Product is Affected By A New Security Vulnerability (CVE) Published on the Internet?
 Where do I Get Security Patches for Third-Party Products Included in My Oracle Product(s)?  
 What Action Should I Take Based on 3rd Party Security Scan Report or Penetration Test?
 Where do I Obtain Patches from Oracle for Known Vulnerabilities?
 How do I Research a CVE Number?
 What is the Process to Get Help With A Vulnerability Issue?

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.