본문으로 바로가기

Oracle Critical Patch Update 보안 업데이트 권고

category 보안이슈/보안공지 2021. 4. 22. 09:17

Oracle Critical Patch Update 보안 업데이트 권고

 

□ 개요
 o 오라클 CPU에서 자사 제품의 보안 취약점 390개에 대한 패치 발표
  ※ CPU(Critical Patch Update) : 오라클 중요 보안 업데이트
 o 영향받는 버전의 사용자는 악성코드 감염 등에 취약할 수 있으므로, 아래 해결 방안에 따라 최신 버전으로 업데이트 권고

□ 영향받는 제품 및 버전

영향받는 제품

패치 관련 문서

Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite, versions 3.5, 3.6

Oracle Supply Chain Products

Agile Product Lifecycle Management Integration Pack for SAP: Design to Release, versions 3.5, 3.6

Oracle Supply Chain Products

Enterprise Manager Base Platform, version 13.4.0.0

Enterprise Manager

Enterprise Manager for Fusion Middleware, versions 12.2.1.4, 13.4.0.0

Enterprise Manager

Enterprise Manager for Virtualization, version 13.4.0.0

Enterprise Manager

Enterprise Manager Ops Center, version 12.4.0.0

Enterprise Manager

FMW Platform, versions 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Hyperion Analytic Provider Services, versions 11.1.2.4, 12.2.1.4

Fusion Middleware

Hyperion Financial Management, version 11.1.2.4

Fusion Middleware

Instantis EnterpriseTrack, versions 17.1, 17.2, 17.3

Oracle Construction and Engineering Suite

JD Edwards EnterpriseOne Orchestrator, versions prior to 9.2.5.3

JD Edwards

JD Edwards EnterpriseOne Tools, versions prior to 9.2.4.0, prior to 9.2.5.3

JD Edwards

JD Edwards World Security, version A9.4

JD Edwards

MySQL Cluster, versions 8.0.23 and prior

MySQL

MySQL Enterprise Monitor, versions 8.0.23 and prior

MySQL

MySQL Server, versions 5.7.33 and prior, 8.0.23 and prior

MySQL

MySQL Workbench, versions 8.0.23 and prior

MySQL

Oracle Advanced Supply Chain Planning, versions 12.1, 12.2

Oracle Supply Chain Products

Oracle Agile PLM, versions 9.3.3, 9.3.5, 9.3.6

Oracle Supply Chain Products

Oracle API Gateway, version 11.1.2.4.0

Fusion Middleware

Oracle Application Express, versions prior to 20.2

Database

Oracle Application Testing Suite, version 13.3.0.1

Enterprise Manager

Oracle BAM (Business Activity Monitoring), versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Banking Platform, versions 2.4.0, 2.6.2, 2.7.0, 2.7.1, 2.8.0, 2.9.0, 2.10.0

Oracle Banking Platform

Oracle Business Intelligence Enterprise Edition, versions 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Cloud Infrastructure Storage Gateway, versions prior to 1.4

Contact Support

Oracle Coherence, versions 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0

Fusion Middleware

Oracle Commerce Guided Search, versions 11.3.0, 11.3.1, 11.3.2

Oracle Commerce

Oracle Commerce Merchandising, versions 0, 11.0.0, 11.1, 11.2.0, 11.3.0, 11.3.1, 11.3.2

Oracle Commerce

Oracle Communications Application Session Controller, version 3.9m0p3

Oracle Communications Application Session Controller

Oracle Communications Calendar Server, version 8.0

Oracle Communications Calendar Server

Oracle Communications Contacts Server, version 8.0

Oracle Communications Contacts Server

Oracle Communications Converged Application Server - Service Controller, version 6.2

Oracle Communications Converged Application Server - Service Controller

Oracle Communications Design Studio, version 7.4.2

Oracle Communications Design Studio

Oracle Communications Interactive Session Recorder, versions 6.3, 6.4

Oracle Communications Interactive Session Recorder

Oracle Communications Messaging Server, versions 8.0.2, 8.1, 8.1.0

Oracle Communications Messaging Server

Oracle Communications MetaSolv Solution, versions 6.3.0, 6.3.1

Oracle Communications MetaSolv Solution

Oracle Communications Performance Intelligence Center Software, versions 10.4.0.2, 10.4.0.3

Oracle Communications Performance Intelligence Center (PIC) Software

Oracle Communications Services Gatekeeper, versions 6.0, 6.1, 7.0

Oracle Communications Services Gatekeeper

Oracle Communications Session Border Controller, versions Cz8.2, Cz8.3, Cz8.4

Oracle Communications Session Border Controller

Oracle Communications Session Router, versions Cz8.2, Cz8.3, Cz8.4

Oracle Communications Session Router

Oracle Communications Subscriber-Aware Load Balancer, versions Cz8.2, Cz8.3, Cz8.4

Oracle Communications Subscriber-Aware Load Balancer

Oracle Communications Unified Inventory Management, versions 7.3.4, 7.3.5, 7.4.0, 7.4.1

Oracle Communications Unified Inventory Management

Oracle Communications Unified Session Manager, version SCz8.2.5

Oracle Communications Unified Session Manager

Oracle Database Server, versions 12.1.0.2, 12.2.0.1, 18c, 19c

Database

Oracle E-Business Suite, versions 12.1.1-12.1.3, 12.2.3-12.2.10

E-Business Suite

Oracle Endeca Information Discovery Studio, version 3.2.0.0

Fusion Middleware

Oracle Enterprise Communications Broker, versions PCZ3.1, PCZ3.2, PCZ3.3

Oracle Enterprise Communications Broker

Oracle Enterprise Repository, version 11.1.1.7.0

Fusion Middleware

Oracle Enterprise Session Border Controller, versions Cz8.2, Cz8.3, Cz8.4

Oracle Enterprise Session Border Controller

Oracle Financial Services Analytical Applications Infrastructure, versions 8.0.6-8.1.0

Oracle Financial Services Analytical Applications Infrastructure

Oracle FLEXCUBE Direct Banking, versions 12.0.2, 12.0.3

Contact Support

Oracle FLEXCUBE Private Banking, versions 12.0.0, 12.1.0

Contact Support

Oracle Fusion Middleware, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Fusion Middleware MapViewer, version 12.2.1.4.0

Fusion Middleware

Oracle Global Lifecycle Management OPatch, versions prior to 12.2.0.1.22

Global Lifecycle Management

Oracle GraalVM Enterprise Edition, versions 19.3.5, 20.3.1.2, 21.0.0.2

Oracle GraalVM Enterprise Edition

Oracle Graph Server and Client

Database

Oracle Health Sciences Empirica Signal, versions 9.0, 9.1

Health Sciences

Oracle Health Sciences Information Manager, versions 3.0.0-3.0.2

Health Sciences

Oracle Healthcare Foundation, versions 7.1.5, 7.2.2, 7.3.0, 7.3.1, 8.0.1

Health Sciences

Oracle Hospitality Cruise Shipboard Property Management System, version 20.1.0

Oracle Hospitality Cruise Shipboard Property Management System

Oracle Hospitality Inventory Management, version 9.1.0

Oracle Hospitality Inventory Management

Oracle Hospitality OPERA 5, versions 5.5, 5.6

Oracle Hospitality OPERA 5 Property Services

Oracle Hospitality RES 3700, versions 5.7.0-5.7.6

Oracle Hospitality RES

Oracle HTTP Server, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Identity Manager Connector, version 11.1.1.5.0

Fusion Middleware

Oracle iLearning, versions 6.2, 6.3

iLearning

Oracle Insurance Data Gateway, version 1.0.2.3

Oracle Insurance Applications

Oracle Java SE, versions 7u291, 8u281, 11.0.10, 16

Java SE

Oracle Java SE Embedded, version 8u281

Java SE

Oracle NoSQL Database, versions prior to 20.3

NoSQL Database

Oracle Outside In Technology, version 8.5.5

Fusion Middleware

Oracle Platform Security for Java, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Rapid Planning, version 12.1.3

Oracle Supply Chain Products

Oracle REST Data Services, versions prior to 20.4.3.50.1904

Database

Oracle Retail Advanced Inventory Planning, version 14.1

Retail Applications

Oracle Retail Assortment Planning, version 16.0.3

Retail Applications

Oracle Retail Back Office, version 14.1

Retail Applications

Oracle Retail Category Management Planning &Optimization, version 16.0.3

Retail Applications

Oracle Retail Central Office, version 14.1

Retail Applications

Oracle Retail EFTLink, versions 15.0.2, 16.0.3, 17.0.2, 18.0.1, 19.0.1, 20.0.0

Retail Applications

Oracle Retail Insights Cloud Service Suite, version 19.0

Retail Applications

Oracle Retail Item Planning, version 16.0.3

Retail Applications

Oracle Retail Macro Space Optimization, version 16.0.3

Retail Applications

Oracle Retail Merchandise Financial Planning, version 16.0.3

Retail Applications

Oracle Retail Merchandising System, version 16.0.3

Retail Applications

Oracle Retail Point-of-Service, version 14.1

Retail Applications

Oracle Retail Predictive Application Server, versions 14.1, 15.0, 16.0

Retail Applications

Oracle Retail Regular Price Optimization, version 16.0.3

Retail Applications

Oracle Retail Replenishment Optimization, version 16.0.3

Retail Applications

Oracle Retail Returns Management, version 14.1

Retail Applications

Oracle Retail Sales Audit, version 14.0

Retail Applications

Oracle Retail Size Profile Optimization, version 16.0.3

Retail Applications

Oracle Retail Store Inventory Management, versions 14.1.3.10, 15.0.3.5, 16.0.3.5

Retail Applications

Oracle Retail Xstore Point of Service, versions 15.0.4, 16.0.6, 17.0.4, 18.0.3, 19.0.2

Retail Applications

Oracle SD-WAN Aware, version 8.2

Oracle SD-WAN Aware

Oracle SD-WAN Edge, versions 8.2, 9.0

Oracle SD-WAN Edge

Oracle Secure Backup

Oracle Secure Backup

Oracle Secure Global Desktop, version 5.6

Virtualization

Oracle Security Service, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Service Bus, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle Solaris, versions 10, 11

Systems

Oracle Spatial Studio, versions prior to 19.1.0, prior to 20.1.1

Database

Oracle SQL Developer, versions prior to 20.4.1.407.6

Database

Oracle Storage Cloud Software Appliance, versions prior to 16.3.1.4.2

Contact Support

Oracle TimesTen In-Memory Database

Database

Oracle Utilities Framework, versions 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0-4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0

Oracle Utilities Applications

Oracle VM VirtualBox, versions prior to 6.1.20

Virtualization

Oracle WebCenter Portal, versions 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0

Fusion Middleware

Oracle WebLogic Server Proxy Plug-In, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0

Fusion Middleware

Oracle ZFS Storage Appliance Kit, version 8.8

Systems

OSS Support Tools, versions prior to 2.12.41

Support Tools

PeopleSoft Enterprise CS Campus Community, version 9.2

PeopleSoft

PeopleSoft Enterprise FIN Common Application Objects, version 9.2

PeopleSoft

PeopleSoft Enterprise FIN Expenses, version 9.2

PeopleSoft

PeopleSoft Enterprise PeopleTools, versions 8.56, 8.57, 8.58

PeopleSoft

PeopleSoft Enterprise PT PeopleTools, versions 8.56, 8.57, 8.58

PeopleSoft

PeopleSoft Enterprise SCM eProcurement, version 9.2

PeopleSoft

PeopleSoft Enterprise SCM Purchasing, version 9.2

PeopleSoft

Primavera Gateway, versions 17.12.0-17.12.10

Oracle Construction and Engineering Suite

Primavera Unifier, versions 16.1, 16.2, 17.7-17.12, 18.8, 19.12, 20.12

Oracle Construction and Engineering Suite

Siebel Applications, versions 21.2 and prior

Siebel

 
 
□ 해결 방
 o "Oracle Critical Patch Update Advisory – April 2021“ 문서 및 패치 사항을 검토하고 벤더사 및 유지보수 업체와 협의/검토 후 패치 적용
 o JAVA SE 사용자는 설치된 제품의 최신 업데이트를 다운로드[2] 받아 설치하거나, Java 업데이트 자동 알림 설정을 권고
 


[참고사이트]
[1] https://www.oracle.com/security-alerts/cpuapr2021.html
[2] http://www.oracle.com/technetwork/java/javase/downloads/index.html
[3] https://www.java.com/ko/download/help/java_update.xml


댓글을 달아 주세요