Ref# ADV2023_18 | Date: Jan 19th 2023

---

Oracle has published a security advisory to address vulnerabilities affecting the following products on the 17th of January 2023. It is recommended that you take the necessary precautions to ensure your products are always protected. 

• Enterprise Manager Base Platform versions 13.4.0.0 and 13.5.0.0 

• Fujitsu Servers multiple versions and platforms 

• JD Edwards EnterpriseOne Orchestrator versions prior to 9.2.7.2 

• Management Cloud Engine version 22.1.0.0.0 

• Middleware Common Libraries and Tools versions 12.2.1.4.0 and 14.1.1.0.0 

• MySQL Enterprise Monitor version 8.0.32 and prior 

• MySQL Server multiple versions 

• MySQL Shell version 8.0.31 and prior 

• MySQL Workbench version 8.0.31 and prior 

• Oracle Banking Enterprise Default Management version 2.7.0 

• Oracle Banking Party Management version 2.7.0 

• Oracle Business Intelligence Enterprise Edition versions 5.9.0.0.0 and 6.4.0.0.0 

• Oracle Coherence versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 

• Oracle Commerce Guided Search version 11.3.2 

• Oracle Communications multiple versions and platforms 

• Oracle Essbase version 21.4 

• Oracle Financial Services Crime and Compliance Management Studio version 8.0.8.3.1 

• Oracle Global Lifecycle Management NextGen OUI Framework version prior to 13.9.4.2.11 

• Oracle Health Sciences Empirica Signal versions 9.1.0.52 and 9.2.0.52 

• Oracle Healthcare Data Repository version 8.1.0.0 to 8.1.3.1 

• Oracle Healthcare Translational Research version 4.1.0.0 to 4.1.1.1 

• Oracle HTTP Server version 12.2.1.4.0 

• Oracle Hyperion Infrastructure Technology version 11.2.10 

• Oracle Middleware Common Libraries and Tools version 12.2.1.4.0 

• Oracle Outside In Technology version 8.5.6 

• Oracle Utilities Framework versions 4.4.0.3.0 and 4.5.0.0.0 

• Oracle Utilities Network Management System multiple versions 

• Oracle WebCenter Content version 12.2.1.4.0 

• Oracle WebCenter Sites version 12.2.1.4.0 

• Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 

• OSS Support Tools versions 2.12.43, 22.4.22.10.18 and 22.2.22.4.5 

• PeopleSoft Enterprise CC Common Application Objects version 9.2 

• PeopleSoft Enterprise PeopleTools versions 8.58, 8.59 and 8.60 

• Primavera Gateway multiple versions 

• Siebel CRM version 22.10 and prior 

For more information on these updates, you can follow this URL: 
https://www.oracle.com/security-alerts/cpujan2023.html    

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDf Download: Oracle Security Advisory.pdf

References 

• Oracle Critical Patch Update Advisory – January 2023. (17th of January 2023). Reviewed from Oracle:  
  https://www.oracle.com/security-alerts/cpujan2023.html 

• Oracle security advisory January 2023 quarterly rollup (AV23-036) (18th of January 2023). Reviewed from Canadian Centre for Cyber Security: 
  https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av23-036