How-To - Addressing Security Scan Findings on Exadata and SuperCluster
(Doc ID 2182530.1)
Last updated on JANUARY 25, 2022
Applies to:Exadata X5-2 Hardware - Version All Versions and later
Exadata X4-2 Hardware - Version All Versions and later
Oracle SuperCluster M6-32 Hardware - Version All Versions and later
SPARC SuperCluster T4-4 - Version All Versions and later
Oracle SuperCluster M7 Hardware - Version All Versions and later
Information in this document applies to any platform.
The goal of this document is to assist in determining if one or more identified CVEs apply to an Oracle Exadata and SuperCluster cell and compute nodes (including Exadata Cloud domU environments).
For vulnerabilities affecting Oracle Database Appliances (ODA), see Doc ID 2195990.1.
For vulnerabilities affecting Infiniband Switches, open a Service Request with Oracle Support.
For vulnerabilities affecting the Cisco switches in Engineered Systems, see Doc ID 2232764.1.
For vulnerabilities affecting the Weblogic component used in the Exadata server software, see Doc ID 2418350.1.
For vulnerabilities that do not have a CVE AND require a cipher to be disabled, see Doc ID 2198093.1.
For vulnerabilities that do not have a CVE AND required changing the default SNMP community string, see Doc ID 2181438.1.
For CVEs specific to a particular application such as Enterprise Manager, also review Doc ID 1074055.1.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!