Ref# ADV2022_250 | Date: Oct 21st 2022

---

Oracle has published a security advisory to address vulnerabilities affecting multiple products on the 18th of October 2022. It is recommended that you take the necessary precautions to ensure your products are always protected. 

• Application Management Pack for Oracle E-Business Suite version 13.4.1.0.0 

• Enterprise Manager Base Platform version 13.4.0.0 

• Enterprise Manager Ops Center version 12.4.0.0 

• JD Edwards EnterpriseOne Tools version 9.2.6.3 and prior 

• MySQL Enterprise Backup version 4.1.4 and prior 

• Oracle Agile Engineering Data Management version 6.2.1.0 

• Oracle Business Intelligence Enterprise Edition version 5.9.0.0 and 6.4.0.0 

• Oracle Commerce Platform versions 11.3.0 to 11.3.2 

• Oracle Communications multiple versions and platforms 

• Oracle Data Integrator version 12.2.1.4.0 

• Oracle Enterprise Operations Monitor versions 4.4 and 5.0 

• Oracle Financial Services Analytical Applications Infrastructure multiple versions 

• Oracle GoldenGate version 19c 

• Oracle GraalVM Enterprise Edition multiple versions 

• Oracle Healthcare Foundation version 8.1 and 8.2 

• Oracle HTTP Server version 12.2.1.3.0 and 12.2.1.4.0 

• Oracle Hyperion Infrastructure Technology version 11.2.9 

• Oracle Middleware Common Libraries and Tools version 12.2.1.3.0 

• Oracle Outside in Technology version 8.5.6 

• Oracle Retail Fiscal Management version 14.2 

• Oracle SD-WAN Edge version 7.0.7 and 9.1.1.2.0 

• Oracle Secure Backup versions prior to 18.1.0.2.0 

• Oracle Utilities Testing Accelerator multiple versions 

• Oracle Web Applications Desktop Integrator version 12.2.3 to 12.2.11 

• Oracle WebCenter Content version 12.2.1.3.0 

• Oracle WebCenter Portal version 12.2.1.3.0 and 12.2.1.4.0 

• Oracle WebCenter Sites version 12.2.1.3.0 and 12.2.1.4.0 

• Siebel Apps (Marketing) version 22.8 and prior 

For more information on these updates, you can follow this URL: 

https://www.oracle.com/security-alerts/cpuoct2022.html  

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download: Oracle Security Advisory.pdf

References 

• Oracle Critical Patch Update Advisory – October 2022. (18th of October 2022). Reviewed from Oracle:  
  https://www.oracle.com/security-alerts/cpuoct2022.html

• Oracle security advisory October 2022 quarterly rollup (AV22-588). (19th of October 2022). Reviewed from Canadian Centre for Cyber Security: 
  https://cyber.gc.ca/en/alerts-advisories/oracle-security-advisory-october-2022-quarterly-rollup-av22-588