Impact in Oracle BRM 12 PS3 CVE-2021-44228 (Zero-day Vulnerability Related to Log4j Java Lib) (Doc ID 2835326.1)

Last updated on AUGUST 08, 2023

Applies to:

Oracle Communications Billing and Revenue Management - Version 12.0.0.3.0 and later
Information in this document applies to any platform.

Goal

One user has Pricing Design Center (PDC) 12.0.3.0.0 and Billing and Revenue Management (BRM) 12.0.0.3.0 deployed on the certified version of WebLogic.

There are vulnerable log4j libraries under WebLogic path, some of them related to WebLogic, but several of them related to BRM components installed by BRM installer:
1. The jar's found under weblogic /opt/webogic.
2. The jar's under /BRM/oracle/oracle/oracle_common/modules/thirdparty.
3. The jar's under /scratch/ri-user-2/opt/brm_driver/lib.

How to remove them?

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Impact in Oracle BRM 12 PS3 CVE-2021-44228 (Zero-day Vulnerability Related to Log4j Java Lib) (Doc ID 2835326.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!