□ 개요
o 오라클社 CPU에서 자사 제품의 보안 취약점 402개에 대한 패치를 발표 [1]
※ CPU(Critical Patch Update) : 오라클 중요 보안 업데이트
o 영향받는 버전의 사용자는 악성코드 감염 등에 취약할 수 있으므로, 아래 해결 방안에 따라 최신 버전으로 업데이트 권고
□ 영향받는 제품 및 버전
| ApplicationPerformanceManagement(APM),versions13.3.0.0,13.4.0.0 |
| BigDataSpatialandGraph,versionspriorto3.0 |
| EnterpriseManagerBasePlatform,versions13.2.1.0,13.3.0.0,13.4.0.0 |
| EnterpriseManagerforPeoplesoft,version13.4.1.1 |
| EnterpriseManagerforStorageManagement,versions13.3.0.0,13.4.0.0 |
| EnterpriseManagerOpsCenter,version12.4.0.0 |
| FujitsuM10-1,M10-4,M10-4S,M12-1,M12-2,M12-2SServers,versionspriortoXCP2362,priortoXCP3090 |
| FujitsuM12-1,M12-2,M12-2SServers,versionspriortoXCP3090 |
| HyperionAnalyticProviderServices,version11.1.2.4 |
| HyperionBI+,version11.1.2.4 |
| HyperionEssbase,version11.1.2.4 |
| HyperionInfrastructureTechnology,version11.1.2.4 |
| HyperionLifecycleManagement,version11.1.2.4 |
| HyperionPlanning,version11.1.2.4 |
| IdentityManagerConnector,version9.0 |
| InstantisEnterpriseTrack,versions17.1,17.2,17.3 |
| ManagementPackforOracleGoldenGate,version12.2.1.2.0 |
| MySQLCluster,versions7.3.30andprior,7.4.29andprior,7.5.19andprior,7.6.15andprior,8.0.21andprior |
| MySQLEnterpriseMonitor,versions8.0.21andprior |
| MySQLServer,versions5.6.49andprior,5.7.31andprior,8.0.21andprior |
| MySQLWorkbench,versions8.0.21andprior |
| OracleAccessManager,version11.1.2.3.0 |
| OracleAgilePLM,versions9.3.3,9.3.5,9.3.6 |
| OracleAgileProductLifecycleManagementforProcess,version6.2.0.0 |
| OracleApplicationExpress,versionspriorto20.2 |
| OracleApplicationTestingSuite,version13.3.0.1 |
| OracleBankingCorporateLending,versions12.3.0,14.0.0-14.4.0 |
| OracleBankingDigitalExperience,versions18.1,18.2,18.3,19.1,19.2,20.1 |
| OracleBankingPayments,versions14.1.0-14.4.0 |
| OracleBankingPlatform,versions2.4.0-2.10.0 |
| OracleBIPublisher,versions5.5.0.0.0,11.1.1.9.0,12.2.1.3.0,12.2.1.4.0 |
| OracleBusinessIntelligenceEnterpriseEdition,versions5.5.0.0.0,11.1.1.9.0,12.2.1.3.0,12.2.1.4.0 |
| OracleBusinessProcessManagementSuite,versions12.2.1.3.0,12.2.1.4.0 |
| OracleCommunicationsApplicationSessionController,versions3.8m0,3.9m0p1 |
| OracleCommunicationsBillingandRevenueManagement,versions7.5.0.23.0,12.0.0.2.0,12.0.0.3.0 |
| OracleCommunicationsBRM-ElasticChargingEngine,versions11.3.0.9.0,12.0.0.3.0 |
| OracleCommunicationsDiameterSignalingRouter(DSR),versions8.0.0.0-8.4.0.5,[IDIH]8.0.0-8.2.2 |
| OracleCommunicationsEAGLESoftware,versions46.6.0-46.8.2 |
| OracleCommunicationsElementManager,versions8.2.0-8.2.2 |
| OracleCommunicationsEvolvedCommunicationsApplicationServer,version7.1 |
| OracleCommunicationsMessagingServer,version8.1 |
| OracleCommunicationsOfflineMediationController,version12.0.0.3.0 |
| OracleCommunicationsServicesGatekeeper,version7 |
| OracleCommunicationsSessionBorderController,versions8.2-8.4 |
| OracleCommunicationsSessionReportManager,versions8.2.0-8.2.2 |
| OracleCommunicationsSessionRouteManager,versions8.2.0-8.2.2 |
| OracleCommunicationsUnifiedInventoryManagement,versions7.3.0,7.4.0 |
| OracleCommunicationsWebRTCSessionController,version7.2 |
| OracleDataIntegrator,versions11.1.1.9.0,12.2.1.3.0 |
| OracleDatabaseServer,versions11.2.0.4,12.1.0.2,12.2.0.1,18c,19c |
| OracleE-BusinessSuite,versions12.1.1-12.1.3,12.2.3-12.2.10 |
| OracleEndecaInformationDiscoveryIntegrator,version3.2.0 |
| OracleEndecaInformationDiscoveryStudio,version3.2.0 |
| OracleEnterpriseRepository,version11.1.1.7.0 |
| OracleEnterpriseSessionBorderController,version8.4 |
| OracleFinancialServicesAnalyticalApplicationsInfrastructure,versions8.0.6-8.1.0 |
| OracleFinancialServicesAnalyticalApplicationsReconciliationFramework,versions8.0.6-8.0.8,8.1.0 |
| OracleFinancialServicesAssetLiabilityManagement,versions8.0.6,8.0.7,8.1.0 |
| OracleFinancialServicesBalanceSheetPlanning,version8.0.8 |
| OracleFinancialServicesBaselRegulatoryCapitalBasic,versions8.0.6-8.0.8,8.1.0 |
| OracleFinancialServicesBaselRegulatoryCapitalInternalRatingsBasedApproach,versions8.0.6-8.0.8,8.1.0 |
| OracleFinancialServicesDataFoundation,versions8.0.6-8.1.0 |
| OracleFinancialServicesDataGovernanceforUSRegulatoryReporting,versions8.0.6-8.0.9 |
| OracleFinancialServicesDataIntegrationHub,versions8.0.6,8.0.7,8.1.0 |
| OracleFinancialServicesFundsTransferPricing,versions8.0.6,8.0.7,8.1.0 |
| OracleFinancialServicesHedgeManagementandIFRSValuations,versions8.0.6-8.0.8,8.1.0 |
| OracleFinancialServicesInstitutionalPerformanceAnalytics,versions8.0.6,8.0.7,8.1.0,8.7.0 |
| OracleFinancialServicesLiquidityRiskManagement,version8.0.6 |
| OracleFinancialServicesLiquidityRiskMeasurementandManagement,versions8.0.7,8.0.8,8.1.0 |
| OracleFinancialServicesLoanLossForecastingandProvisioning,versions8.0.6-8.0.8,8.1.0 |
| OracleFinancialServicesMarketRiskMeasurementandManagement,versions8.0.6,8.0.8,8.1.0 |
| OracleFinancialServicesPriceCreationandDiscovery,versions8.0.6,8.0.7 |
| OracleFinancialServicesProfitabilityManagement,versions8.0.6,8.0.7,8.1.0 |
| OracleFinancialServicesRegulatoryReportingforEuropeanBankingAuthority,versions8.0.6-8.1.0 |
| OracleFinancialServicesRegulatoryReportingforUSFederalReserve,versions8.0.6-8.0.9 |
| OracleFinancialServicesRegulatoryReportingwithAgileREPORTER,version8.0.9.2.0 |
| OracleFinancialServicesRetailCustomerAnalytics,version8.0.6 |
| OracleFLEXCUBECoreBanking,versions5.2.0,11.5.0-11.7.0 |
| OracleFLEXCUBEDirectBanking,versions12.0.1,12.0.2,12.0.3 |
| OracleFLEXCUBEPrivateBanking,versions12.0.0,12.1.0 |
| OracleFLEXCUBEUniversalBanking,versions12.3.0,14.0.0-14.4.0 |
| OracleGoldenGateApplicationAdapters,versions12.3.2.1.0,19.1.0.0.0 |
| OracleGraalVMEnterpriseEdition,versions19.3.3,20.2.0 |
| OracleHealthSciencesEmpiricaSignal,version9.0 |
| OracleHealthcareDataRepository,version7.0.1 |
| OracleHealthcareFoundation,versions7.1.1,7.2.0,7.2.1,7.3.0 |
| OracleHospitalityGuestAccess,versions4.2.0,4.2.1 |
| OracleHospitalityMaterialsControl,version18.1 |
| OracleHospitalityOPERA5PropertyServices,versions5.5,5.6 |
| OracleHospitalityReportingandAnalytics,version9.1.0 |
| OracleHospitalityRES3700,version5.7 |
| OracleHospitalitySimphony,versions18.1,18.2,19.1.0-19.1.2 |
| OracleHospitalitySuite8,versions8.10.2,8.11-8.15 |
| OracleHTTPServer,versions12.2.1.3.0,12.2.1.4.0 |
| OracleInsuranceAccountingAnalyzer,version8.0.9 |
| OracleInsuranceAllocationManagerforEnterpriseProfitability,versions8.0.8,8.1.0 |
| OracleInsuranceDataFoundation,versions8.0.6-8.1.0 |
| OracleInsuranceInsbridgeRatingandUnderwriting,versions5.0.0.0-5.6.0.0,5.6.1.0 |
| OracleInsurancePolicyAdministrationJ2EE,versions10.2.0.37,10.2.4.12,11.0.2.25,11.1.0.15,11.2.0.26,11.2.2.0 |
| OracleInsuranceRulesPalette,versions10.2.0.37,10.2.4.12,11.0.2.25,11.1.0.15,11.2.0.26 |
| OracleJavaSE,versions7u271,8u261,11.0.8,15 |
| OracleJavaSEEmbedded,version8u261 |
| OracleJDeveloper,versions11.1.1.9.0,12.2.1.3.0,12.2.1.4.0 |
| OracleManagedFileTransfer,versions12.2.1.3.0,12.2.1.4.0 |
| OracleOutsideInTechnology,versions8.5.4,8.5.5 |
| OraclePolicyAutomation,versions12.2.0-12.2.20 |
| OraclePolicyAutomationConnectorforSiebel,version10.4.6 |
| OraclePolicyAutomationforMobileDevices,versions12.2.0-12.2.20 |
| OracleRESTDataServices,versions11.2.0.4,12.1.0.2,12.2.0.1,18c,19c,[StandaloneORDS]priorto20.2.1 |
| OracleRetailAdvancedInventoryPlanning,version14.1 |
| OracleRetailAssortmentPlanning,versions15.0.3.0,16.0.3.0 |
| OracleRetailBackOffice,versions14.0,14.1 |
| OracleRetailBulkDataIntegration,versions15.0.3.0,16.0.3.0 |
| OracleRetailCentralOffice,versions14.0,14.1 |
| OracleRetailCustomerManagementandSegmentationFoundation,versions18.0,19.0 |
| OracleRetailIntegrationBus,versions14.1,15.0,16.0 |
| OracleRetailOrderBroker,versions15.0,16.0,18.0,19.0,19.1,19.2,19.3 |
| OracleRetailPoint-of-Service,versions14.0,14.1 |
| OracleRetailPredictiveApplicationServer,versions14.1.3.0,15.0.3.0,16.0.3.0 |
| OracleRetailPriceManagement,versions14.0.4,14.1.3.0,15.0.3.0,16.0.3.0 |
| OracleRetailReturnsManagement,versions14.0,14.1 |
| OracleRetailServiceBackbone,versions14.1,15.0,16.0 |
| OracleRetailXstorePointofService,versions15.0.3,16.0.5,17.0.3,18.0.2,19.0.1 |
| OracleSolaris,versions10,11 |
| OracleTimesTenIn-MemoryDatabase,versionspriorto11.2.2.8.49,priorto18.1.3.1.0,priorto18.1.4.1.0 |
| OracleTransportationManagement,version6.3.7 |
| OracleUtilitiesFramework,versions2.2.0.0.0,4.2.0.2.0,4.2.0.3.0,4.3.0.1.0-4.3.0.6.0,4.4.0.0.0,4.4.0.2.0 |
| OracleVMVirtualBox,versionspriorto6.1.16 |
| OracleWebCenterPortal,versions11.1.1.9.0,12.2.1.3.0,12.2.1.4.0 |
| OracleWebLogicServer,versions10.3.6.0.0,12.1.3.0.0,12.2.1.3.0,12.2.1.4.0,14.1.1.0.0 |
| OracleZFSStorageApplianceKit,version8.8 |
| PeopleSoftEnterpriseHCMGlobalPayrollCore,version9.2 |
| PeopleSoftEnterprisePeopleTools,versions8.56,8.57,8.58 |
| PeopleSoftEnterpriseSCMeSupplierConnection,version9.2 |
| PrimaveraGateway,versions16.2.0-16.2.11,17.12.0-17.12.8 |
| PrimaveraUnifier,versions16.1,16.2,17.7-17.12,18.8,19.12 |
| SiebelApplications,versions20.7,20.8 |
□ 작성 : 침해사고분석단 취약점분석팀 |
