{"id":2836,"date":"2021-07-26T14:47:06","date_gmt":"2021-07-26T19:47:06","guid":{"rendered":"https:\/\/cert.pa\/?p=2836"},"modified":"2021-07-26T14:47:06","modified_gmt":"2021-07-26T19:47:06","slug":"csirt-panama-aviso-2021-07-22-oracle-actualizaciones-criticas-en-oracle","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=2836","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2021-07-22 Oracle: Actualizaciones cr\u00edticas en Oracle"},"content":{"rendered":"\n<p>CSIRT Panam\u00e1 Aviso 2021-07-22 Oracle: Actualizaciones cr\u00edticas en Oracle<\/p>\n\n\n\n<p>Gravedad: Alta<br>Fecha de publicaci\u00f3n: Julio 22, 2021<br>\u00daltima revisi\u00f3n: Julio 22, 2021<br>Sitio web: https:\/\/www.oracle.com\/<br>Sistemas afectados:<br>\u2022 Big Data Spatial and Graph, versiones anteriores a 2.0, anteriores a 23.1;<br>\u2022 Enterprise Manager Base Platform, versi\u00f3n 13.4.0.0;<br>\u2022 Essbase, versi\u00f3n 21.2;<br>\u2022 Essbase Analytic Provider Services, versiones 11.1.2.4, 21.2;<br>\u2022 Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers, versiones anteriores a XCP2400, anteriores a XCP3100;<br>\u2022 Hyperion Essbase Administration Services, versiones 11.1.2.4, 21.2;<br>\u2022 Hyperion Financial Reporting, versiones 11.1.2.4, 11.2.5.0;<br>\u2022 Hyperion Infrastructure Technology, versiones 11.1.2.4, 11.2.5.0;<br>\u2022 Identity Manager, versiones 11.1.2.2.0, 11.1.2.3.0, 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Instantis EnterpriseTrack, versiones 17.1, 17.2, 17.3;<br>\u2022 JD Edwards EnterpriseOne Orchestrator, versiones 9.2.5.3 y anteriores;<br>\u2022 JD Edwards EnterpriseOne Tools, versiones 9.2.5.3 y anteriores;<br>\u2022 MICROS Compact Workstation 3, versi\u00f3n 310;<br>\u2022 MICROS ES400 Series, versiones 400-410;<br>\u2022 MICROS Kitchen Display System Hardware, versi\u00f3n 210;<br>\u2022 MICROS Workstation 5A, versi\u00f3n 5A;<br>\u2022 MICROS Workstation 6, versiones 610-655;<br>\u2022 MySQL Cluster, versiones 8.0.25 y anteriores;<br>\u2022 MySQL Connectors, versiones 8.0.23 y anteriores;<br>\u2022 MySQL Enterprise Monitor, versiones 8.0.23 y anteriores;<br>\u2022 MySQL Server, versiones 5.7.34 y anteriores, 8.0.25 y anteriores;<br>\u2022 Oracle Access Manager, versi\u00f3n 11.1.2.3.0;<br>\u2022 Oracle Agile Engineering Data Management, versi\u00f3n 6.2.1.0;<br>\u2022 Oracle Agile PLM, versiones 9.3.3, 9.3.5, 9.3.6;<br>\u2022 Oracle Application Express, versiones anteriores a 21.1.0.0.4;<br>\u2022 Oracle Application Express (CKEditor), versiones anteriores a 21.1.0.0.1;<br>\u2022 Oracle Application Express Application Builder (DOMPurify), versiones anteriores a 21.1.0.0.1;<br>\u2022 Oracle Application Testing Suite, versi\u00f3n 13.3.0.1;<br>\u2022 Oracle BAM (Business Activity Monitoring), versiones 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Oracle Banking Enterprise Default Management, versiones 2.10.0, 2.12.0;<br>\u2022 Oracle Banking Liquidity Management, versiones 14.2, 14.3, 14.5;<br>\u2022 Oracle Banking Party Management, versi\u00f3n 2.7.0;<br>\u2022 Oracle Banking Platform, versiones 2.4.0, 2.7.1, 2.9.0, 2.12.0;<\/p>\n\n\n\n<p>\u2022 Oracle Banking Treasury Management, versi\u00f3n 14.4;<br>\u2022 Oracle BI Publisher, versiones 5.5.0.0.0, 11.1.1.7.0, 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Oracle Business Intelligence Enterprise Edition, versi\u00f3n 12.2.1.4.0;<br>\u2022 Oracle Coherence, versiones 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0;<br>\u2022 Oracle Commerce Guided Search, versi\u00f3n 11.3.2;<br>\u2022 Oracle Commerce Guided Search \/ Oracle Commerce Experience Manager, versiones 11.3.1.5, 11.3.2;<br>\u2022 Oracle Commerce Merchandising, versiones 11.1.0, 11.2.0, 11.3.0-11.3.2;<br>\u2022 Oracle Commerce Platform, versiones 11.0.0, 11.1.0, 11.2.0, 11.3.0-11.3.2;<br>\u2022 Oracle Commerce Service Center, versiones 11.0.0, 11.1.0, 11.2.0, 11.3.0-11.3.2;<br>\u2022 Oracle Communications Application Session Controller, versi\u00f3n 3.9;<br>\u2022 Oracle Communications Billing and Revenue Management, versiones 7.5.0.23.0, 12.0.0.3.0;<br>\u2022 Oracle Communications BRM &#8211; Elastic Charging Engine, versiones 11.3.0.9.0, 12.0.0.3.0;<br>\u2022 Oracle Communications Cloud Native Core Console, versi\u00f3n 1.4.0;<br>\u2022 Oracle Communications Cloud Native Core Network Function Cloud Native Environment, versiones 1.4.0, 1.7.0;<br>\u2022 Oracle Communications Cloud Native Core Network Slice Selection Function, versi\u00f3n 1.2.1;<br>\u2022 Oracle Communications Cloud Native Core Policy, versiones 1.5.0, 1.9.0;<br>\u2022 Oracle Communications Cloud Native Core Security Edge Protection Proxy, versi\u00f3n 1.7.0;<br>\u2022 Oracle Communications Cloud Native Core Service Communication Proxy, versi\u00f3n 1.5.2;<br>\u2022 Oracle Communications Cloud Native Core Unified Data Repository, versiones 1.4.0, 1.6.0;<br>\u2022 Oracle Communications Convergent Charging Controller, versi\u00f3n 12.0.4.0.0;<br>\u2022 Oracle Communications Design Studio, versi\u00f3n 7.4.2;<br>\u2022 Oracle Communications Diameter Signaling Router (DSR), versiones 8.0.0-8.5.0;<br>\u2022 Oracle Communications EAGLE Software, versiones 46.6.0-46.8.2;<br>\u2022 Oracle Communications Evolved Communications Application Server, versi\u00f3n 7.1;<br>\u2022 Oracle Communications Instant Messaging Server, versi\u00f3n 10.0.1.4.0;<br>\u2022 Oracle Communications Network Charging and Control, versiones 6.0.1.0, 12.0.1.0-12.0.4.0, 12.0.4.0.0;<br>\u2022 Oracle Communications Offline Mediation Controller, versi\u00f3n 12.0.0.3.0;<br>\u2022 Oracle Communications Pricing Design Center, versi\u00f3n 12.0.0.3.0;<br>\u2022 Oracle Communications Services Gatekeeper, versiones 7.0, 8.2;<br>\u2022 Oracle Communications Unified Inventory Management, versiones 7.3.2, 7.3.4, 7.3.5, 7.4.0, 7.4.1;<br>\u2022 Oracle Configuration Manager, versi\u00f3n 12.1.2.0.8;<br>\u2022 Oracle Data Integrator, versiones 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Oracle Database Server, versiones 12.1.0.2, 12.2.0.1, 19c;<br>\u2022 Oracle E-Business Suite, versiones 12.1.1-12.1.3, 12.2.3-12.2.10;<br>\u2022 Oracle Enterprise Data Quality, versiones 12.2.1.3.0, 12.2.1.4.0;<\/p>\n\n\n\n<p>\u2022 Oracle Enterprise Repository, versi\u00f3n 11.1.1.7.0;<br>\u2022 Oracle Financial Services Analytical Applications Infrastructure, versiones 8.0.6-8.0.9, 8.1.0, 8.1.1;<br>\u2022 Oracle Financial Services Crime and Compliance Investigation Hub, versi\u00f3n 20.1.2;<br>\u2022 Oracle Financial Services Regulatory Reporting with AgileREPORTER, versi\u00f3n 8.0.9.6.3;<br>\u2022 Oracle Financial Services Revenue Management and Billing Analytics, versiones 2.7.0, 2.8.0;<br>\u2022 Oracle FLEXCUBE Private Banking, versiones 12.0.0, 12.1.0;<br>\u2022 Oracle FLEXCUBE Universal Banking, versiones 12.0-12.4, 14.0-14.4.0;<br>\u2022 Oracle Fusion Middleware MapViewer, versi\u00f3n 12.2.1.4.0;<br>\u2022 Oracle GoldenGate Application Adapters, versi\u00f3n 19.1.0.0.0;<br>\u2022 Oracle GraalVM Enterprise Edition, versiones 20.3.2, 21.1.0;<br>\u2022 Oracle Hospitality Reporting and Analytics, versi\u00f3n 9.1.0;<br>\u2022 Oracle Hospitality Suite8, versiones 8.13, 8.14;<br>\u2022 Oracle Hyperion BI+, versiones 11.1.2.4, 11.2.5.0;<br>\u2022 Oracle Insurance Policy Administration, versiones 11.0.2, 11.1.0-11.3.0;<br>\u2022 Oracle Insurance Policy Administration J2EE, versi\u00f3n 11.0.2;<br>\u2022 Oracle Insurance Rules Palette, versiones 11.0.2, 11.1.0-11.3.0;<br>\u2022 Oracle Java SE, versiones 7u301, 8u291, 11.0.11, 16.0.1;<br>\u2022 Oracle JDeveloper, versiones 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Oracle JDeveloper and ADF, versi\u00f3n 12.2.1.4.0;<br>\u2022 Oracle Managed File Transfer, versiones 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Oracle Outside In Technology, versi\u00f3n 8.5.5;<br>\u2022 Oracle Policy Automation, versiones 12.2.0-12.2.22;<br>\u2022 Oracle Retail Back Office, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Central Office, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Customer Engagement, versiones 16.0-19.0;<br>\u2022 Oracle Retail Customer Management and Segmentation Foundation, versiones 16.0-19.0;<br>\u2022 Oracle Retail Financial Integration, versiones 14.1.3.2, 15.0.3.1, 16.0.3.0;<br>\u2022 Oracle Retail Integration Bus, versiones 14.1.3.2, 15.0.3.1, 16.0.3.0;<br>\u2022 Oracle Retail Merchandising System, versiones 14.1.3.2, 15.0.3.1, 16.0.3;<\/p>\n\n\n\n<p>\u2022 Oracle Retail Order Broker, versiones 15.0, 16.0;<br>\u2022 Oracle Retail Order Management System Cloud Service, versi\u00f3n 19.5;<br>\u2022 Oracle Retail Point-of-Service, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Price Management, versiones 14.0, 14.1, 15.0, 16.0;<br>\u2022 Oracle Retail Returns Management, versi\u00f3n 14.1;<br>\u2022 Oracle Retail Service Backbone, versiones 14.1.3.2, 15.0.3.1, 16.0.3.0;<br>\u2022 Oracle Retail Xstore Point of Service, versiones 16.0.6, 17.0.4, 18.0.3, 19.0.2, 20.0.1;<br>\u2022 Oracle SD-WAN Aware, versiones 8.2, 9.0;<br>\u2022 Oracle SD-WAN Edge, versiones 8.2, 9.0, 9.1;<br>\u2022 Oracle Secure Global Desktop, versi\u00f3n 5.6;<br>\u2022 Oracle Solaris, versi\u00f3n 11;<br>\u2022 Oracle Solaris Cluster, versi\u00f3n 4.4;<br>\u2022 Oracle Transportation Management, versi\u00f3n 6.4.3;<br>\u2022 Oracle VM VirtualBox, versiones anteriores a 6.1.24;<br>\u2022 Oracle WebCenter Portal, versiones 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0;<br>\u2022 Oracle WebLogic Server, versiones 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0;<br>\u2022 Oracle ZFS Storage Appliance Kit, versi\u00f3n 8.8;<br>\u2022 OSS Support Tools, versiones anteriores a 2.12.41;<br>\u2022 PeopleSoft Enterprise CS Campus Community, versiones 9.0, 9.2;<br>\u2022 PeopleSoft Enterprise HCM Candidate Gateway, versi\u00f3n 9.2;<br>\u2022 PeopleSoft Enterprise HCM Shared Components, versi\u00f3n 9.2;<br>\u2022 PeopleSoft Enterprise PeopleTools, versiones 8.57, 8.58, 8.58.8.59, 8.59;<br>\u2022 PeopleSoft Enterprise PT PeopleTools, versiones 8.57, 8.58, 8.59;<br>\u2022 Primavera Gateway, versiones 17.12.0-17.12.11, 18.8.0-18.8.11, 19.12.0-19.12.10, 20.12.0;<br>\u2022 Primavera P6 Enterprise Project Portfolio Management, versiones 17.12.0-17.12.20, 18.8.0-18.8.23, 19.12.0-19.12.14, 20.12.0-20.12.3;<br>\u2022 Primavera Unifier, versiones 17.7-17.12, 18.8, 19.12, 20.12;<br>\u2022 Real-Time Decisions (RTD) Solutions, versi\u00f3n 3.2.0.0;<br>\u2022 Siebel Applications, versiones 21.5 y anteriores;<br>\u2022 StorageTek Tape Analytics SW Tool, versi\u00f3n 2.3.<\/p>\n\n\n\n<p>I. Descripci\u00f3n<\/p>\n\n\n\n<p>Oracle ha publicado una actualizaci\u00f3n cr\u00edtica con parches para corregir vulnerabilidades que afectan a m\u00faltiples productos.<\/p>\n\n\n\n<p>II. Impacto<\/p>\n\n\n\n<p>Esta actualizaci\u00f3n resuelve un total de 342 vulnerabilidades, algunas de las cuales son cr\u00edticas. El detalle de las vulnerabilidades resueltas se puede consultar en el enlace de Oracle de la secci\u00f3n de \u2018Referencias\u2019.<\/p>\n\n\n\n<p>III. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n\n\n\n<p>Aplicar los parches correspondientes seg\u00fan los productos afectados, mediante el siguiente enlace, https:\/\/www.oracle.com\/security-alerts\/cpujul2021.html.<\/p>\n\n\n\n<p>Fuentes:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Instituto Nacional de Ciberseguridad, INCIBE. Avisos Seguridad, Actualizaciones cr\u00edticas en Oracle (julio 2021). 21 de julio del 2021. Recopilado en: https:\/\/www.incibe-cert.es\/alerta-temprana\/avisos-seguridad\/actualizaciones-criticas-oracle-julio-2021<\/li><\/ol>\n\n\n\n<p>Informaci\u00f3n de contacto<br>CSIRT PANAMA<br>Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental<br>E-Mail: info@cert.pa<br>Phone: +507 520-CERT (2378)<br>Web: https:\/\/cert.pa<br>Twitter: @CSIRTPanama<br>Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2021-07-22 Oracle: Actualizaciones cr\u00edticas en Oracle Gravedad: AltaFecha de publicaci\u00f3n: Julio 22, 2021\u00daltima revisi\u00f3n: Julio 22, 2021Sitio web: https:\/\/www.oracle.com\/Sistemas afectados:\u2022 Big Data Spatial and Graph, versiones anteriores a 2.0, anteriores a 23.1;\u2022&#8230;<\/p>\n","protected":false},"author":4,"featured_media":2275,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2836","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2836","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2836"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2836\/revisions"}],"predecessor-version":[{"id":2837,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2836\/revisions\/2837"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/2275"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2836"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2836"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2836"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}