BULLETIN D'ALERTES
| Object | Multiples vulnérabilités dans Oracle |
|---|---|
| Réference | 1019 |
| Date de Publication | 2023-01-19 |
| Sévérité | Elevé |
IMPACT :
- Exécution de code arbitraire à distance
- Déni de service
- Perte de confidentialité
- Perte d'intégrité
SYSTÉME AFFECTÉ :
- MySQL Cluster 7.4.38 et antérieures, 7.5.28 et antérieures, 7.6.24 et antérieures, 8.0.31 et antérieures
- MySQL Connectors, MySQL Shell, MySQL Workbench 8.0.31 et antérieures
- MySQL Enterprise Monitor 8.0.32 et antérieures
- MySQL Server 5.7.40 et antérieures, 8.0.31 et antérieures
- Oracle VM VirtualBox antérieures à 6.1.42, antérieures à 7.0.6
- Oracle Business Intelligence Enterprise Edition 5.9.0.0.0, 6.4.0.0.0
- Oracle Access Manager 12.2.1.4.0
- Oracle BI Publisher 5.9.0.0.0, 6.4.0.0.0, 12.2.1.4.0
- Oracle Business Intelligence Enterprise Edition 5.9.0.0.0, 6.4.0.0.0
- Oracle Coherence 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0
- Oracle Fusion Middleware MapViewer, Oracle HTTP Server, Oracle Middleware Common Libraries and Tools, Oracle Web Services Manager, Oracle WebCenter Content, Oracle WebCenter Sites 12.2.1.4.0
- Oracle Fusion Middleware MapViewer 12.2.1.4.0
- Oracle Global Lifecycle Management NextGen OUI Framework antérieures à 13.9.4.2.11
- Oracle Outside In Technology 8.5.6
- Oracle WebLogic Server 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0
- Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers antérieures à XCP2411, antérieures à XCP3111, antérieures à XCP4011
- Oracle Solaris 11
- Solaris 10
- Oracle Database Server 19c, 21c
- Oracle Java SE 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1
- Oracle GraalVM Enterprise Edition 20.3.8, 21.3.4, 22.3.0 20.3.8, 21.3.4, 22.3.0
DÉSCRIPTION :
Des nombreuses vulnérabilités ont été découvertes dans les produits Oracle susmentionné.
Ces vulnérabilités permettent à un attaquant distant d'exécuter du code arbitraire ,un déni de service à distance et une atteinte à la confidentialité des données.
SOLUTION :
Mettre à jour vos produits Oracle.(se réfère à la section documentation)
DOCUMENTATION :
- Bulletin de sécurité Oracle du 18-01-2023
https://www.oracle.com/security-alerts/cpujan2023.html - CVE-2023-21893
https://www.cve.org/CVERecord?id=CVE-2023-21893 - CVE-2021-3737
https://www.cve.org/CVERecord?id=CVE-2021-3737 - CVE-2022-42003
https://www.cve.org/CVERecord?id=CVE-2022-42003 - CVE-2023-21829
https://www.cve.org/CVERecord?id=CVE-2023-21829 - CVE-2022-39429
https://www.cve.org/CVERecord?id=CVE-2022-39429 - CVE-2020-10735
https://www.cve.org/CVERecord?id=CVE-2020-10735 - CVE-2018-25032
https://www.cve.org/CVERecord?id=CVE-2018-25032 - CVE-2023-21827
https://www.cve.org/CVERecord?id=CVE-2023-21827 - CVE-2022-43548
https://www.cve.org/CVERecord?id=CVE-2022-43548 - CVE-2023-21835
https://www.cve.org/CVERecord?id=CVE-2023-21835 - CVE-2023-21830
https://www.cve.org/CVERecord?id=CVE-2023-21830 - CVE-2023-21843
https://www.cve.org/CVERecord?id=CVE-2023-21843 - CVE-2022-31692
https://www.cve.org/CVERecord?id=CVE-2022-31692 - CVE-2022-32221
https://www.cve.org/CVERecord?id=CVE-2022-32221 - CVE-2022-37434
https://www.cve.org/CVERecord?id=CVE-2022-37434 - CVE-2020-36242
https://www.cve.org/CVERecord?id=CVE-2020-36242 - CVE-2022-24407
https://www.cve.org/CVERecord?id=CVE-2022-24407 - CVE-2022-40304
https://www.cve.org/CVERecord?id=CVE-2022-40304 - CVE-2022-3171
https://www.cve.org/CVERecord?id=CVE-2022-3171 - CVE-2022-1941
https://www.cve.org/CVERecord?id=CVE-2022-1941 - CVE-2022-42252
https://www.cve.org/CVERecord?id=CVE-2022-42252 - CVE-2022-22971
https://www.cve.org/CVERecord?id=CVE-2022-22971 - CVE-2023-21868
https://www.cve.org/CVERecord?id=CVE-2023-21868 - CVE-2023-21860
https://www.cve.org/CVERecord?id=CVE-2023-21860 - CVE-2023-21875
https://www.cve.org/CVERecord?id=CVE-2023-21875 - CVE-2023-21869
https://www.cve.org/CVERecord?id=CVE-2023-21869 - CVE-2023-21877
https://www.cve.org/CVERecord?id=CVE-2023-21877 - CVE-2023-21880
https://www.cve.org/CVERecord?id=CVE-2023-21880 - CVE-2023-21872
https://www.cve.org/CVERecord?id=CVE-2023-21872 - CVE-2023-21871
https://www.cve.org/CVERecord?id=CVE-2023-21871 - CVE-2023-21836
https://www.cve.org/CVERecord?id=CVE-2023-21836 - CVE-2023-21887
https://www.cve.org/CVERecord?id=CVE-2023-21887 - CVE-2023-21863
https://www.cve.org/CVERecord?id=CVE-2023-21863 - CVE-2023-21864
https://www.cve.org/CVERecord?id=CVE-2023-21864 - CVE-2023-21865
https://www.cve.org/CVERecord?id=CVE-2023-21865 - CVE-2023-21866
https://www.cve.org/CVERecord?id=CVE-2023-21866 - CVE-2023-21867
https://www.cve.org/CVERecord?id=CVE-2023-21867 - CVE-2023-21870
https://www.cve.org/CVERecord?id=CVE-2023-21870 - CVE-2023-21873
https://www.cve.org/CVERecord?id=CVE-2023-21873 - CVE-2023-21876
https://www.cve.org/CVERecord?id=CVE-2023-21876 - CVE-2023-21878
https://www.cve.org/CVERecord?id=CVE-2023-21878 - CVE-2023-21879
https://www.cve.org/CVERecord?id=CVE-2023-21879 - CVE-2023-21881
https://www.cve.org/CVERecord?id=CVE-2023-21881 - CVE-2023-21883
https://www.cve.org/CVERecord?id=CVE-2023-21883 - CVE-2023-21840
https://www.cve.org/CVERecord?id=CVE-2023-21840 - CVE-2023-21882
https://www.cve.org/CVERecord?id=CVE-2023-21882 - CVE-2023-21874
https://www.cve.org/CVERecord?id=CVE-2023-21874 - CVE-2021-3918
https://www.cve.org/CVERecord?id=CVE-2021-3918 - CVE-2022-25857
https://www.cve.org/CVERecord?id=CVE-2022-25857 - CVE-2022-31129
https://www.cve.org/CVERecord?id=CVE-2022-31129 - CVE-2022-27782
https://www.cve.org/CVERecord?id=CVE-2022-27782 - CVE-2022-40149
https://www.cve.org/CVERecord?id=CVE-2022-40149 - CVE-2023-21844
https://www.cve.org/CVERecord?id=CVE-2023-21844 - CVE-2023-21845
https://www.cve.org/CVERecord?id=CVE-2023-21845 - CVE-2023-21831
https://www.cve.org/CVERecord?id=CVE-2023-21831 - CVE-2022-23219
https://www.cve.org/CVERecord?id=CVE-2022-23219 - CVE-2023-21900
https://www.cve.org/CVERecord?id=CVE-2023-21900 - CVE-2023-21886
https://www.cve.org/CVERecord?id=CVE-2023-21886 - CVE-2023-21898
https://www.cve.org/CVERecord?id=CVE-2023-21898 - CVE-2023-21899
https://www.cve.org/CVERecord?id=CVE-2023-21899 - CVE-2023-21884
https://www.cve.org/CVERecord?id=CVE-2023-21884 - CVE-2023-21885
https://www.cve.org/CVERecord?id=CVE-2023-21885 - CVE-2023-21889
https://www.cve.org/CVERecord?id=CVE-2023-21889 - CVE-2018-7489
https://www.cve.org/CVERecord?id=CVE-2018-7489 - CVE-2022-42920
https://www.cve.org/CVERecord?id=CVE-2022-42920 - CVE-2022-40150
https://www.cve.org/CVERecord?id=CVE-2022-40150 - CVE-2022-40153
https://www.cve.org/CVERecord?id=CVE-2022-40153 - CVE-2022-25647
https://www.cve.org/CVERecord?id=CVE-2022-25647 - CVE-2023-21842
https://www.cve.org/CVERecord?id=CVE-2023-21842 - CVE-2023-21837
https://www.cve.org/CVERecord?id=CVE-2023-21837 - CVE-2023-21838
https://www.cve.org/CVERecord?id=CVE-2023-21838 - CVE-2023-21839
https://www.cve.org/CVERecord?id=CVE-2023-21839 - CVE-2023-21841
https://www.cve.org/CVERecord?id=CVE-2023-21841