{"id":2699,"date":"2021-04-22T13:35:07","date_gmt":"2021-04-22T18:35:07","guid":{"rendered":"https:\/\/cert.pa\/?p=2699"},"modified":"2021-04-22T13:35:07","modified_gmt":"2021-04-22T18:35:07","slug":"csirt-panama-aviso-2021-04-22-oracle-actualizaciones-criticas-en-oracle-abril-2021","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=2699","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2021-04-22 Oracle: Actualizaciones cr\u00edticas en Oracle (abril 2021)"},"content":{"rendered":"\n<p>CSIRT Panam\u00e1 Aviso 2021-04-22 Oracle: Actualizaciones cr\u00edticas en Oracle (abril 2021)<\/p>\n\n\n\n<p>Gravedad: Alta<br>Fecha de publicaci\u00f3n: Abril 22, 2021<br>\u00daltima revisi\u00f3n: Abril 22, 2021<br>Sitio web https:\/\/www.oracle.com\/<br>Sistemas Afectados:<br>\u2022 Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite, versiones 3.5 y 3.6;<br>\u2022 Agile Product Lifecycle Management Integration Pack for SAP: Design to Release, versiones 3.5 y 3.6;<br>\u2022 Enterprise Manager Base Platform, versi\u00f3n 13.4.0.0;<br>\u2022 Enterprise Manager for Fusion Middleware, versiones 12.2.1.4 y 13.4.0.0;<br>\u2022 Enterprise Manager for Virtualization, versi\u00f3n 13.4.0.0;<br>\u2022 Enterprise Manager Ops Center, versi\u00f3n 12.4.0.0;<br>\u2022 FMW Platform, versiones 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Hyperion Analytic Provider Services, versiones 11.1.2.4 y 12.2.1.4;<br>\u2022 Hyperion Financial Management, versi\u00f3n 11.1.2.4;<br>\u2022 Instantis EnterpriseTrack, versiones 17.1, 17.2 y 17.3;<br>\u2022 JD Edwards EnterpriseOne Orchestrator, todas las versiones anteriores a la 9.2.5.3;<br>\u2022 JD Edwards EnterpriseOne Tools, todas las versiones anteriores a la 9.2.4.0 y 9.2.5.3;<br>\u2022 JD Edwards World Security, versi\u00f3n A9.4;<br>\u2022 MySQL Cluster, versi\u00f3n 8.0.23 y anteriores;<br>\u2022 MySQL Enterprise Monitor, versi\u00f3n 8.0.23 y anteriores;<br>\u2022 MySQL Server, versi\u00f3n 5.7.33 y anteriores, y versi\u00f3n 8.0.23 y anteriores;<br>\u2022 MySQL Workbench, versi\u00f3n 8.0.23 y anteriores;<br>\u2022 Oracle Advanced Supply Chain Planning, versiones 12.1 y 12.2;<br>\u2022 Oracle Agile PLM, versiones 9.3.3, 9.3.5 y 9.3.6;<br>\u2022 Oracle API Gateway, versi\u00f3n 11.1.2.4.0;<br>\u2022 Oracle Application Express, todas las versiones anteriores a la 20.2;<br>\u2022 Oracle Application Testing Suite, versi\u00f3n 13.3.01;<br>\u2022 Oracle BAM, versiones 11.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Banking Platform, versiones 2.4.0, 2.6.2, 2.7.0, 2.7.1, 2.8.0, 2.9.0 y 2.10.0;<br>\u2022 Oracle Business Intelligence Enterprise Edition, versiones 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Cloud Infrastructure Storage Gateway, todas las versiones anteriores a la 1.4;<br>\u2022 Oracle Coherence, versiones 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 y 14.1.1.0.0;<br>\u2022 Oracle Commerce Guided Search, versiones 11.3.0, 11.3.1 y 11.3.2;<br>\u2022 Oracle Commerce Merchandising, versiones 0, 11.0.0, 11.1, 11.2.0, 11.3.0, 11.3.1 y 11.3.2;<br>\u2022 Oracle Communications Application Session Controller, versi\u00f3n 3.9m0p3;<br>\u2022 Oracle Communications Calendar Server, versi\u00f3n 8.0;<br>\u2022 Oracle Communications Contacts Server, versi\u00f3n 8.0;<br>\u2022 Oracle Communications Converged Application Server \u2013 Service Controller, versi\u00f3n 6.2;<br>\u2022 Oracle Communications Design Studio, versi\u00f3n 7.4.2;<br>\u2022 Oracle Communications Interactive Session Recorder, versiones 6.3 y 6.4;<br>\u2022 Oracle Communications Messaging Server, versiones 8.0.2, 8.1 y 8.1.0;<br>\u2022 Oracle Communications MetaSolv Solution, versiones 6.3.0 y 6.3.1;<br>\u2022 Oracle Communications Performance Intelligence Center Software, versiones 10.4.0.2 y 10.4.0.3;<br>\u2022 Oracle Communications Services Gatekeeper, versiones 6.0, 6.1 y 7.0;<br>\u2022 Oracle Communications Session Border Controller, versiones Cz8.2, Cz8.3 y Cz8.4;<br>\u2022 Oracle Communications Session Router, versiones Cz8.2, Cz8.3 y Cz8.4;<br>\u2022 Oracle Communications Subscriber-Aware Load Balancer, versiones Cz8.2, Cz8.3 y Cz8.4;<br>\u2022 Oracle Communications Unified Inventory Management, versiones 7.3.4, 7.3.5, 7.4.0 y 7.4.1;<br>\u2022 Oracle Communications Unified Session Manager, versi\u00f3n SCz8.2.5;<br>\u2022 Oracle Database Server, versiones 12.1.0.2, 12.2.0.1, 18c y 19c;<br>\u2022 Oracle E-Business Suite, versiones de la 12.1.1 a la 12.1.3 y de la 12.2.3 a la 12.2.10;<br>\u2022 Oracle Endeca Information Discovery Studio, versi\u00f3n 3.2.0.0;<br>\u2022 Oracle Enterprise Communications Broker, versiones PCZ3.1, PCZ3.2 y PCZ3.3;<br>\u2022 Oracle Enterprise Repository, versi\u00f3n 11.1.1.7.0;<br>\u2022 Oracle Enterprise Session Border Controller, versiones Cz8.2, Cz8.3 y Cz8.4;<br>\u2022 Oracle Financial Services Analytical Applications Infrastructure, versiones de la 8.0.6 a la 8.1.0;<br>\u2022 Oracle FLEXCUBE Direct Banking, versiones 12.0.2 y 12.0.3;<br>\u2022 Oracle FLEXCUBE Private Banking, versiones 12.0.0 y 12.1.0;<br>\u2022 Oracle Fusion Middleware, versiones 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Fusion Middleware MapViewer, versi\u00f3n 12.2.1.4.0;<br>\u2022 Oracle Global Lifecycle Management OPatch, todas las versiones anteriores a la 12.2.0.1.22;<br>\u2022 Oracle GraalVM Enterprise Edition, versiones 19.3.5, 20.3.1.2 y 21.0.0.2;<br>\u2022 Oracle Graph Server and Client;<br>\u2022 Oracle Health Sciences Empirica Signal, versiones 9.0 y 9.1;<br>\u2022 Oracle Health Sciences Information Manager, versiones de la 3.0.0 a la 3.0.2;<br>\u2022 Oracle Healthcare Foundation, versiones 7.1.5, 7.2.2, 7.3.0, 7.3.1 y 8.0.1;<br>\u2022 Oracle Hospitality Cruise Shipboard Property Management System, versi\u00f3n 20.1.0;<br>\u2022 Oracle Hospitality Inventory Management, versi\u00f3n 9.1.0;<br>\u2022 Oracle Hospitality OPERA 5, versiones 5.5 y 5.6;<br>\u2022 Oracle Hospitality RES 3700, versiones de la 5.7.0 a la 5.7.6;<br>\u2022 Oracle HTTP Server, versiones 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Identity Manager Connector, versi\u00f3n 11.1.1.5.0;<br>\u2022 Oracle iLearning, versiones 6.2 y 6.3;<br>\u2022 Oracle Insurance Data Gateway, versi\u00f3n 1.0.2.3;<br>\u2022 Oracle Java SE, versiones 7u291, 8u281, 11.0.10 y 16;<br>\u2022 Oracle Java SE Embedded, versi\u00f3n 8u281;<br>\u2022 Oracle NoSQL Database, todas las versiones anteriores a la 20.3;<br>\u2022 Oracle Outside In Technology, versi\u00f3n 8.5.5;<br>\u2022 Oracle Platform Security for Java, versiones 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Rapid Planning, versi\u00f3n 12.1.3;<br>\u2022 Oracle REST Data Services, todas las versiones anteriores a la 20.4.3.50.1904;<br>\u2022 Oracle Retail Advanced Inventory Planning, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Assortment Planning, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Back Office, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Category Management Planning &amp; Optimization, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Central Office, versi\u00f3n 14.1;<br>\u2022 Oracle Retail EFTLink, versiones 15.0.2, 16.0.3, 17.0.2, 18.0.1, 19.0.1 y 20.0.0;<br>\u2022 Oracle Retail Insights Cloud Service Suite, versi\u00f3n 19.0;<br>\u2022 Oracle Retail Item Planning, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Macro Space Optimization, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Merchandise Financial Planning, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Merchandising System, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Point-of-Service, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Predictive Application Server, versiones 14.1, 15.0 y 16.0;<br>\u2022 Oracle Retail Regular Price Optimization, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Replenishment Optimization, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Returns Management, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Sales Audit, versi\u00f3n 14.0;<br>\u2022 Oracle Retail Size Profile Optimization, versi\u00f3n 16.0.3;<br>\u2022 Oracle Retail Store Inventory Management, versiones 14.1.3.10, 15.0.3.5 y 16.0.3.5;<br>\u2022 Oracle Retail Xstore Point of Service, versiones 15.0.4, 16.0.6, 17.0.4, 18.0.3 y 19.0.2;<br>\u2022 Oracle SD-WAN Aware, versi\u00f3n 8.2;<br>\u2022 Oracle SD-WAN Edge, versiones 8.2 y 9.0;<br>\u2022 Oracle Secure Backup;<br>\u2022 Oracle Secure Global Desktop, versi\u00f3n 5.6;<br>\u2022 Oracle Security Service, versiones 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Service Bus, versiones 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle Solaris, versiones 10 y 11;<br>\u2022 Oracle Spatial Studio, todas las versiones anteriores a la 19.1.0 y 20.1.1;<br>\u2022 Oracle SQL Developer, todas las versiones anteriores a la 20.4.1.407.6 ;<br>\u2022 Oracle Storage Cloud Software Appliance, todas las versiones anteriores a la 16.3.1.4.2;<br>\u2022 Oracle TimesTen In-Memory Database;<br>\u2022 Oracle Utilities Framework, versiones 4.2.0.2.0, 4.2.0.3.0, de la 4.3.0.1.0 a la 4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0 y 4.4.0.3.0;<br>\u2022 Oracle VM VirtualBox, todas las versiones anteriores a la 6.1.20;<br>\u2022 Oracle WebCenter Portal, versiones 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle WebLogic Server, versiones 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 y 14.1.1.0.0;<br>\u2022 Oracle WebLogic Server Proxy Plug-In, versiones 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0;<br>\u2022 Oracle ZFS Storage Appliance Kit, versi\u00f3n 8.8;<br>\u2022 OSS Support Tools, todas las versiones anteriores a la 2.12.41;<br>\u2022 PeopleSoft Enterprise CS Campus Community, versi\u00f3n 9.2 ;<br>\u2022 PeopleSoft Enterprise FIN Common Application Objects, versi\u00f3n 9.2;<br>\u2022 PeopleSoft Enterprise FIN Expenses, versi\u00f3n 9.2;<br>\u2022 PeopleSoft Enterprise PeopleTools, versiones 8.56, 8.57 y 8.58;<br>\u2022 PeopleSoft Enterprise PT PeopleTools, versiones 8.56, 8.57 y 8.58;<br>\u2022 PeopleSoft Enterprise SCM eProcurement, versi\u00f3n 9.2;<br>\u2022 PeopleSoft Enterprise SCM Purchasing, versi\u00f3n 9.2;<br>\u2022 Primavera Gateway, versiones de la 17.12.0 a la 17.12.10;<br>\u2022 Primavera Unifier, versiones 16.1, 16.2, de la 17.7 a la 17.12, 18.8, 19.12 y 20.12;<br>\u2022 Siebel Applications, versi\u00f3n 21.2 y anteriores.<\/p>\n\n\n\n<p>I. Descripci\u00f3n<\/p>\n\n\n\n<p>Se ha publicado actualizaciones cr\u00edticas en Oracle, con parches para corregir vulnerabilidades que afectan a m\u00faltiples productos.<\/p>\n\n\n\n<p>II. Impacto<\/p>\n\n\n\n<p>Esta actualizaci\u00f3n resuelve un total de 390 vulnerabilidades, algunas de las cuales son cr\u00edticas.<\/p>\n\n\n\n<p>III. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n\n\n\n<p>Aplicar los parches correspondientes seg\u00fan los productos afectados, mediante el siguiente enlace: https:\/\/www.oracle.com\/security-alerts\/cpuapr2021.html<\/p>\n\n\n\n<p>Fuentes:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Instituto Nacional de Ciberseguridad, INCIBE. Avisos Seguridad, Actualizaciones cr\u00edticas en Oracle (abril 2021). Recopilado en: https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizaciones-criticas-oracle-abril-2021<br>Informaci\u00f3n de contacto<\/li><\/ol>\n\n\n\n<p>CSIRT PANAMA<br>Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental<br>E-Mail: info@cert.pa<br>Phone: +507 520-CERT (2378)<br>Web: https:\/\/cert.pa<br>Twitter: @CSIRTPanama<br>Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2021-04-22 Oracle: Actualizaciones cr\u00edticas en Oracle (abril 2021) Gravedad: AltaFecha de publicaci\u00f3n: Abril 22, 2021\u00daltima revisi\u00f3n: Abril 22, 2021Sitio web https:\/\/www.oracle.com\/Sistemas Afectados:\u2022 Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite,&#8230;<\/p>\n","protected":false},"author":4,"featured_media":2277,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[72,37],"class_list":["post-2699","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-avisos-de-seguridad","tag-oracle"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2699"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2699\/revisions"}],"predecessor-version":[{"id":2700,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2699\/revisions\/2700"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/2277"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}