My Oracle Support Banner

Apache Log4j Security Alert - CVE-2021-44228 / CVE-2021-45046 for Oracle Siebel CRM (Doc ID 2828323.1)

Last updated on JANUARY 07, 2022

Applies to:

Support Tools > My Oracle Support > My Oracle Support
Information in this document applies to any platform.


This document provides patches or mitigation steps to alleviate the impact associated with CVE-2021-44228 and CVE-2021-45046 on Oracle Siebel CRM Core Products. Refer to Apache Log4j 2 vulnerability described in Security Alert CVE-2021-44228 for more details.


Siebel Innovation Pack 16.x and Siebel CRM 18.9 and above are impacted by this vulnerability for the following components:


Apache reported that CVE-2021-44228 applies only to Log4j versions 2.0-2.14.1, and does not apply to Log4j versions 1.x.
Apache reported that CVE-2021-45046 applies only to Log4j versions 2.0-2.15, and does not apply to Log4j versions 1.x

Please continue to monitor this article for possible future updates.  Please review the MOS article “last update” date stamp to verify you have the most current information.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.