Last updated on JUNE 23, 2017
Applies to:Oracle Demantra Demand Management - Version 12.2.2 and later
Information in this document applies to any platform.
We are using Demantra R12.2 with DB version 188.8.131.52
As per our Infra team, Oracle Security has released Advisory regarding Oracle Privilege Vulnerability to all its Customers.There is a Security Vulnerability for our database since we have installed and/or using JAVA system within the Oracle database.This causes Vulnerability to the database when the patch released as part of OCT PSU 2014 is not installed.
Infra team has given one option as a Short term fix.
Apply a mitigation patch and temporarily disable ability to create new JAVA packages that can be used to exploit the vulnerability. This can be applied to current Oracle home. The mitigation patch DOES not affect existing JAVA package functionalities. This option will disable option to create new Java objects.
For short term fix , patch# 19721304
Short term fix, will disable Java Development in database, would like to validate with Oracle Demantra team
Can Java development be disabled in database ? or Demantra collaborator/Engine uses it in database?
Demantra schema does not have any Java objects .Not sure if Demantra
creates Java objects at run time and uses Java in database .
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms