一、概述
2025年4月16日,绿盟科技CERT监测到Oracle官方发布了4月重要补丁更新公告CPU(Critical Patch Update),此次共修复了390个不同程度的漏洞,本次安全更新涉及Oracle MySQL Connectors、Oracle MySQL Server、Oracle Java SE、Oracle Fusion Middleware、Oracle Financial Services Applications、Oracle Communications Applications等多个常用产品。Oracle强烈建议客户尽快应用关键补丁更新修复程序,对漏洞进行修复。
参考链接:
https://www.oracle.com/security-alerts/cpuapr2025.html
二、重点漏洞概述
根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞,请相关用户重点进行关注:
Oracle MySQL Connectors内存破坏漏洞(CVE-2025-30706):
Oracle MySQL Connectors中存在内存破坏漏洞。具有普通用户权限的攻击者可通过多种协议进行网络访问,从而接管MySQL Connectors。CVSS评分为7.5。
Oracle VM VirtualBox身份验证绕过漏洞(CVE-2025-30712):
Oracle VM VirtualBox中存在身份验证绕过漏洞。未经身份验证的攻击者可登录Oracle VM VirtualBox的基础设施,从而增删改查所有Oracle VM VirtualBox可访问的数据及导致部分拒绝服务。CVSS评分为8.1。
Oracle Common Applications身份验证绕过漏洞(CVE-2025-30716):
Oracle Common Applications中存在身份验证绕过漏洞。未经身份验证的攻击者可通过构造HTTP请求绕过Oracle Common Applications验证,从而查询所有Oracle Common Applications可访问的数据。CVSS评分为7.5。
Oracle官方4月关键补丁更新漏洞总结如下:
| 产品 | 漏洞个数 | 未授权远程利用的个数 | 最高CVSS评分 |
| Oracle Database Products Risk Matrices | 7 | 3 | 7.4 |
| Oracle Database Server | 7 | 3 | 7.4 |
| Oracle Application Express | 1 | 1 | 7.5 |
| Oracle Autonomous Health Framework | 1 | 1 | 7.5 |
| Oracle Essbase | 1 | 0 | 4.1 |
| Oracle GoldenGate | 4 | 2 | 7.5 |
| Oracle Graph Server and Client | 1 | 1 | 5.3 |
| Oracle NoSQL Database | 1 | 0 | 6.7 |
| Oracle REST Data Services | 1 | 0 | 6.7 |
| Oracle Secure Backup | 1 | 0 | 6.7 |
| Oracle SQL Developer | 2 | 2 | 7.5 |
| Oracle TimesTen In-Memory Database | 2 | 2 | 7.5 |
| Oracle Commerce | 6 | 5 | 9.8 |
| Oracle Communications Applications | 42 | 35 | 9.8 |
| Oracle Communications | 103 | 82 | 9.8 |
| Oracle Construction and Engineering | 7 | 6 | 7.5 |
| Oracle E-Business Suite | 16 | 11 | 9.8 |
| Oracle Enterprise Manager | 4 | 4 | 9.8 |
| Oracle Financial Services Applications | 34 | 22 | 9.8 |
| Oracle Food and Beverage Applications | 3 | 2 | 7.6 |
| Oracle Fusion Middleware | 31 | 26 | 9.8 |
| Oracle Analytics | 15 | 11 | 9.8 |
| Oracle Hospitality Applications | 3 | 2 | 9.8 |
| Oracle Hyperion | 3 | 2 | 9.1 |
| Oracle Insurance Applications | 1 | 1 | 7.5 |
| Oracle Java SE | 6 | 5 | 7.7 |
| Oracle JD Edwards | 8 | 5 | 9.8 |
| Oracle MySQL | 43 | 2 | 9.1 |
| Oracle PeopleSoft | 4 | 1 | 8.1 |
| Oracle Policy Automation | 3 | 3 | 7.5 |
| Oracle Retail Applications | 11 | 11 | 9.8 |
| Oracle Siebel CRM | 4 | 2 | 7.5 |
三、漏洞防护
-
- 补丁更新
请用户参考本文附录“受影响产品及补丁信息”及时下载受影响产品更新补丁,并参照补丁安装包中的readme文件进行安装更新,以保证长期有效的防护。
注:Oracle官方补丁需要用户持有正版软件的许可账号,使用该账号登陆https://support.oracle.com后,可以下载最新补丁。
- Weblogic临时防护措施
- 限制T3协议访问
若相关用户暂时无法安装补丁或不通过T3协议进行JVM通信,可使用下列措施阻断针对利用T3协议漏洞的攻击:
WebLogic Server提供了名为 weblogic.security.net.ConnectionFilterImpl 的默认连接筛选器,此连接筛选器接受所有传入连接,可通过此连接筛选器配置规则,对T3及T3s协议进行访问控制,详细操作步骤如下:
- 进入Weblogic控制台,在base_domain的配置页面中,进入“安全”选项卡页面,点击“筛选器”,进入连接筛选器配置。
- 在连接筛选器中输入:security.net.ConnectionFilterImpl,参考以下写法,在连接筛选器规则中配置符合企业实际情况的规则:
| 127.0.0.1 * * allow t3 t3s
本机IP * * allow t3 t3s 允许访问的IP * * allow t3 t3s * * * deny t3 t3s |
| 连接筛选器规则格式如下:target localAddress localPort action protocols,其中:
l target 指定一个或多个要筛选的服务器。 l localAddress 可定义服务器的主机地址。(如果指定为一个星号 (*),则返回的匹配结果将是所有本地 IP 地址。) l localPort 定义服务器正在监听的端口。(如果指定了星号,则匹配返回的结果将是服务器上所有可用的端口)。 l action 指定要执行的操作。(值必须为“allow”或“deny”。) protocols 是要进行匹配的协议名列表。(必须指定下列其中一个协议:http、https、t3、t3s、giop、giops、dcom 或 ftp。) 如果未定义协议,则所有协议都将与一个规则匹配。 |
- 保存后若规则未生效,建议重新启动Weblogic服务(重启Weblogic服务会导致业务中断,建议相关人员评估风险后,再进行操作)。以Windows环境为例,重启服务的步骤如下:
- 进入域所在目录下的bin目录,在Windows系统中运行cmd文件终止weblogic服务,Linux系统中则运行stopWebLogic.sh文件。
- 待终止脚本执行完成后,再运行cmd或startWebLogic.sh文件启动Weblogic,即可完成Weblogic服务重启。
参考链接:https://docs.oracle.com/cd/E24329_01/web.1211/e24485/con_filtr.htm#SCPRG377
- 禁用IIOP协议
用户可通过关闭IIOP协议阻断针对利用IIOP协议漏洞的攻击,操作如下:
在Weblogic控制台中,选择“服务”->”AdminServer”->”协议”,取消“启用IIOP”的勾选。并重启Weblogic项目,使配置生效。
附录 受影响产品及补丁信息
| 受影响产品及版本号 | 可用补丁 |
| Autonomous Health Framework, versions 23.8.0-23.11.0, 24.1.0-24.11.0, 25.1.0, 25.2.0 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| GoldenGate Stream Analytics, versions 19.1.0.0.0-19.1.0.0.10 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| JD Edwards EnterpriseOne Tools, versions 9.2.0.0-9.2.9.2 | https://support.oracle.com/rs?type=doc&id=3078792.1 |
| Management Cloud Engine, version 24.3.0 | https://support.oracle.com/rs?type=doc&id=3079189.1 |
| MySQL Client, versions 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| MySQL Cluster, versions 7.6.0-7.6.33, 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| MySQL Connectors, versions 9.0.0-9.2.0 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| MySQL Enterprise Backup, versions 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| MySQL Server, versions 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| MySQL Shell, versions 8.0.32-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| MySQL Workbench, versions 8.0.0-8.0.41 | https://support.oracle.com/rs?type=doc&id=3078827.1 |
| Oracle Access Manager, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Agile Engineering Data Management, version 6.2.1 | https://support.oracle.com/rs?type=doc&id=3078833.1 |
| Oracle Application Express, versions 23.2.15, 23.2.16, 24.1.9, 24.1.10, 24.2.3, 24.2.4 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Application Testing Suite, version 13.3.0.1 | https://support.oracle.com/rs?type=doc&id=3070733.1 |
| Oracle Banking APIs, versions 21.1.0.0.0, 22.1.0.0.0, 22.2.0.0.0 | https://support.oracle.com |
| Oracle Banking Corporate Lending Process Management, versions 14.5.0.0.0-14.7.0.0.0 | https://support.oracle.com |
| Oracle Banking Digital Experience, versions 21.1.0.0.0, 22.1.0.0.0, 22.2.0.0.0 | https://support.oracle.com |
| Oracle Banking Liquidity Management, version 14.7.0.7.0 | https://support.oracle.com |
| Oracle Banking Origination, versions 14.5.0.0.0-14.7.0.0.0 | https://support.oracle.com |
| Oracle BI Publisher, versions 7.6.0.0.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078843.2 |
| Oracle Business Activity Monitoring, version 14.1.2.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Business Intelligence Enterprise Edition, versions 7.6.0.0.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078843.2 |
| Oracle Business Process Management Suite, versions 12.2.1.4.0, 14.1.2.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Coherence, versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Commerce Guided Search, versions 11.3.2, 11.4.0 | https://support.oracle.com/rs?type=doc&id=3078810.1 |
| Oracle Commerce Merchandising, versions 11.3.0, 11.3.1, 11.3.2 | https://support.oracle.com/rs?type=doc&id=3078810.1 |
| Oracle Commerce Platform, versions 11.3.0, 11.3.1, 11.3.2, 11.4.0 | https://support.oracle.com/rs?type=doc&id=3078810.1 |
| Oracle Communications Billing and Revenue Management, versions 12.0.0.4.0-12.0.0.8.0, 15.0.0.0.0-15.0.1.0.0 | https://support.oracle.com/rs?type=doc&id=3077261.1 |
| Oracle Communications Cloud Native Core Binding Support Function, versions 24.2.0-24.2.2 | https://support.oracle.com/rs?type=doc&id=3079188.1 |
| Oracle Communications Cloud Native Core Certificate Management, version 24.2.2 | https://support.oracle.com/rs?type=doc&id=3079190.1 |
| Oracle Communications Cloud Native Core Console, version 24.2.2 | https://support.oracle.com/rs?type=doc&id=3079221.1 |
| Oracle Communications Cloud Native Core DBTier, versions 24.2.3, 24.2.4, 24.3.0 | https://support.oracle.com/rs?type=doc&id=3079219.1 |
| Oracle Communications Cloud Native Core Network Data Analytics Function, version 24.2.0 | https://support.oracle.com/rs?type=doc&id=3079218.1 |
| Oracle Communications Cloud Native Core Network Function Cloud Native Environment, versions 24.2.5, 25.1.100 | https://support.oracle.com/rs?type=doc&id=3079223.1 |
| Oracle Communications Cloud Native Core Network Repository Function, version 24.2.3 | https://support.oracle.com/rs?type=doc&id=3079214.1 |
| Oracle Communications Cloud Native Core Policy, versions 24.2.0-24.2.4 | https://support.oracle.com/rs?type=doc&id=3079229.1 |
| Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 24.2.2, 24.2.3, 24.3.0 | https://support.oracle.com/rs?type=doc&id=3079228.1 |
| Oracle Communications Cloud Native Core Service Communication Proxy, versions 24.2.0, 24.2.3, 24.3.0, 25.1.100 | https://support.oracle.com/rs?type=doc&id=3079192.1 |
| Oracle Communications Cloud Native Core Unified Data Repository, versions 22.4.0, 23.1.0-23.4.0, 24.2.3, 25.1.100 | https://support.oracle.com/rs?type=doc&id=3079232.1 |
| Oracle Communications Diameter Signaling Router, version 9.0.0.0 | https://support.oracle.com/rs?type=doc&id=3079132.1 |
| Oracle Communications EAGLE Element Management System, version 46.6 | https://support.oracle.com/rs?type=doc&id=3079131.1 |
| Oracle Communications Element Manager, versions 9.0.0-9.0.3 | https://support.oracle.com/rs?type=doc&id=3079195.1 |
| Oracle Communications Messaging Server, version 8.1.0.26.0 | https://support.oracle.com/rs?type=doc&id=3077282.1 |
| Oracle Communications MetaSolv Solution, version 6.3.1 | https://support.oracle.com/rs?type=doc&id=3077305.1 |
| Oracle Communications Network Analytics Data Director, versions 24.1.0-24.3.0 | https://support.oracle.com/rs?type=doc&id=3079231.1 |
| Oracle Communications Network Charging and Control, versions 12.0.6.0.0, 15.0.0.0.0, 15.0.1.0.0 | https://support.oracle.com/rs?type=doc&id=3078762.1 |
| Oracle Communications Network Integrity, versions 7.3.6, 7.4.0, 7.5.0 | https://support.oracle.com/rs?type=doc&id=3077281.1 |
| Oracle Communications Operations Monitor, version 5.2 | https://support.oracle.com/rs?type=doc&id=3080353.1 |
| Oracle Communications Order and Service Management, versions 7.4.0, 7.4.1, 7.5.0 | https://support.oracle.com/rs?type=doc&id=3077292.1 |
| Oracle Communications Policy Management, version 15.0.0.0.0 | https://support.oracle.com/rs?type=doc&id=3079225.1 |
| Oracle Communications Pricing Design Center, versions 12.0.0.4.0-12.0.0.8.0, 15.0.0.0.0, 15.0.1.0.0 | https://support.oracle.com/rs?type=doc&id=3077300.1 |
| Oracle Communications Service Catalog and Design, versions 8.0.0.4.0, 8.1.0.2.0 | https://support.oracle.com/rs?type=doc&id=3077306.1 |
| Oracle Communications Session Border Controller, versions 9.2.0, 9.3.0, 10.0.0 | https://support.oracle.com/rs?type=doc&id=3079324.1 |
| Oracle Communications Session Report Manager, versions 9.0.0-9.0.3 | https://support.oracle.com/rs?type=doc&id=3079216.1 |
| Oracle Communications Unified Assurance, versions 6.0-6.1 | https://support.oracle.com/rs?type=doc&id=3077267.1 |
| Oracle Communications Unified Inventory Management, versions 7.4.0-7.4.2, 7.5.0-7.5.1, 7.6.0, 7.7.0 | https://support.oracle.com/rs?type=doc&id=3077278.1 |
| Oracle Communications User Data Repository, versions 14.0.0, 15.0.0, 15.0.1, 15.0.2 | https://support.oracle.com/rs?type=doc&id=3079130.1 |
| Oracle Data Integrator, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Database Server, versions 19.3-19.26, 21.3-21.17, 23.4-23.7 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Demantra Demand Management, versions 12.2.6-12.2.14 | https://support.oracle.com/rs?type=doc&id=3078833.1 |
| Oracle Documaker, versions 12.7.1.6, 12.7.2.3, 13.0.0.1 | https://support.oracle.com/rs?type=doc&id=3079097.1 |
| Oracle E-Business Suite, versions 12.2.3-12.2.14, [ECC] 12-13 | https://support.oracle.com/rs?type=doc&id=2484000.1 |
| Oracle Enterprise Communications Broker, versions 4.1.0, 4.2.0 | https://support.oracle.com/rs?type=doc&id=3079302.1 |
| Oracle Enterprise Manager Base Platform, versions 13.5.0.0.0, 24.1.0.0.0 | https://support.oracle.com/rs?type=doc&id=3070733.1 |
| Oracle Essbase, version 21.7.1.0.0 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Financial Services Analytical Applications Infrastructure, versions 8.0.7.8, 8.0.8.6, 8.1.1.4, 8.1.2.5 | https://support.oracle.com/rs?type=doc&id=3079096.1 |
| Oracle Financial Services Behavior Detection Platform, versions 8.0.8.1, 8.1.2.8, 8.1.2.9 | https://support.oracle.com/rs?type=doc&id=3078941.1 |
| Oracle Financial Services Compliance Studio, version 8.1.2.9 | https://support.oracle.com/rs?type=doc&id=3078903.1 |
| Oracle Financial Services Model Management and Governance, version 8.1.2.7.0 | https://support.oracle.com/rs?type=doc&id=3078931.1 |
| Oracle Financial Services Revenue Management and Billing, versions 2.9.0.0.0-7.0.0.0.0 | https://support.oracle.com/rs?type=doc&id=3077979.1 |
| Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition, version 8.0.8 | https://support.oracle.com/rs?type=doc&id=3078942.1 |
| Oracle Fusion Middleware MapViewer, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle GoldenGate, versions 19.1.0.0.0-19.26.0.0.250219, 21.3-21.17, 23.4-23.7 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle GoldenGate Veridata, versions 12.2.1.4.0-12.2.1.4.241210 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle GraalVM Enterprise Edition, versions 20.3.17, 21.3.13 | https://support.oracle.com/rs?type=doc&id=3047853.1 |
| Oracle GraalVM for JDK, versions 17.0.14, 21.0.6, 24 | https://support.oracle.com/rs?type=doc&id=3047853.1 |
| Oracle Graph Server and Client, versions 23.4.3, 23.4.4, 24.3.0, 24.4.0 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Hospitality Cruise Shipboard Property Management System, version 23.2.1 | https://support.oracle.com/rs?type=doc&id=3078677.1 |
| Oracle Hospitality Reporting and Analytics, versions 9.1.34-9.1.36 | https://support.oracle.com/rs?type=doc&id=3050828.1 |
| Oracle Hospitality Simphony, versions 19.1-19.7 | https://support.oracle.com/rs?type=doc&id=3075400.1 |
| Oracle HTTP Server, versions 12.2.1.4.0, 14.1.2.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Hyperion Financial Reporting, version 11.2.19.0.0 | https://support.oracle.com/rs?type=doc&id=2775466.2 |
| Oracle Hyperion Infrastructure Technology, version 11.2.19.0.0 | https://support.oracle.com/rs?type=doc&id=2775466.2 |
| Oracle Java SE, versions 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24 | https://support.oracle.com/rs?type=doc&id=3047853.1 |
| Oracle JDeveloper, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Managed File Transfer, versions 12.2.1.4.0, 14.1.2.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle NoSQL Database, versions 1.5.0, 1.6.0, 1.6.1 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Outside In Technology, version 8.5.7 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Policy Automation, versions 12.2.0-12.2.36 | https://support.oracle.com/rs?type=doc&id=3078527.1 |
| Oracle Policy Modeling, versions 12.2.0-12.2.36 | https://support.oracle.com/rs?type=doc&id=3078527.1 |
| Oracle REST Data Services, versions 23.1, 23.2, 23.3, 23.4 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Retail Order Broker, version 19.1 | https://support.oracle.com/rs?type=doc&id=3077277.1 |
| Oracle Retail Store Inventory Management, version 16.0.3.16 | https://support.oracle.com/rs?type=doc&id=3077277.1 |
| Oracle Retail Xstore Point of Service, versions 19.0.6, 20.0.5, 21.0.4, 22.0.2, 23.0.2, 24.0.1 | https://support.oracle.com/rs?type=doc&id=3077277.1 |
| Oracle SD-WAN Aware, version 9.0.1.11 | https://support.oracle.com/rs?type=doc&id=3079194.1 |
| Oracle SD-WAN Edge, version 9.1.1.9 | https://support.oracle.com/rs?type=doc&id=3079193.1 |
| Oracle Secure Backup, versions 12.1.0.1, 12.1.0.2, 12.1.0.3, 18.1.0.0, 18.1.0.1, 18.1.0.2, 19.1.0.0 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Service Bus, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Smart View for Office, version 24.200 | https://support.oracle.com/rs?type=doc&id=2775466.2 |
| Oracle SOA Suite, versions 12.2.1.4.0, 14.1.2.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle Solaris, version 11 | https://support.oracle.com/rs?type=doc&id=3078936.1 |
| Oracle SQL Developer, version 24.3.1.347.1826 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle TimesTen In-Memory Database, versions 22.1.1.1.0-22.1.1.30.0 | https://support.oracle.com/rs?type=doc&id=3070732.1 |
| Oracle Utilities Application Framework, versions 4.3.0.3.0-4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0, 4.5.0.0.0, 4.5.0.1.1, 4.5.0.1.3, 24.1.0.0.0-24.3.0.0.0 | https://support.oracle.com/rs?type=doc&id=3078835.1 |
| Oracle VM VirtualBox, version 7.1.6 | https://support.oracle.com/rs?type=doc&id=3078858.1 |
| Oracle WebCenter Forms Recognition, version 14.1.1.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle WebCenter Portal, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| Oracle WebLogic Server, versions 12.2.1.4.0, 14.1.1.0.0 | https://support.oracle.com/rs?type=doc&id=3078819.2 |
| OSS Support Tools, versions 2.11.0-2.12.46, 8.0-8.18, 18.1-18.4, 19.1-19.4, 20.1-20.4, 22.2, 23.1-23.4, 24.1-24.4, 25.1 | https://support.oracle.com/rs?type=doc&id=3078859.1 |
| PeopleSoft Enterprise CC Common Application Objects, version 9.2 | https://support.oracle.com/rs?type=doc&id=3078811.1 |
| PeopleSoft Enterprise HCM Talent Acquisition Manager, version 9.2 | https://support.oracle.com/rs?type=doc&id=3078811.1 |
| PeopleSoft Enterprise PeopleTools, versions 8.60, 8.61, 8.62 | https://support.oracle.com/rs?type=doc&id=3078811.1 |
| Primavera Gateway, versions 20.12.0-20.12.17, 21.12.0-21.12.15 | https://support.oracle.com/rs?type=doc&id=3078091.1 |
| Primavera P6 Enterprise Project Portfolio Management, versions 22.12.0-22.12.18, 23.12.0-23.12.13, 24.12.0-24.12.2 | https://support.oracle.com/rs?type=doc&id=3078091.1 |
| Primavera Unifier, versions 20.12.0-20.12.16, 21.12.0-21.12.17, 22.12.0-22.12.15, 23.12.0-23.12.13, 24.12.0-24.12.3 | https://support.oracle.com/rs?type=doc&id=3078091.1 |
| Siebel Applications, versions 17.0-25.2 | https://support.oracle.com/rs?type=doc&id=3078812.1 |
声明
本安全公告仅用来描述可能存在的安全问题,绿盟科技不为此安全公告提供任何保证或承诺。由于传播、利用此安全公告所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,绿盟科技以及安全公告作者不为此承担任何责任。
绿盟科技拥有对此安全公告的修改和解释权。如欲转载或传播此安全公告,必须保证此安全公告的完整性,包括版权声明等全部内容。未经绿盟科技允许,不得任意修改或者增减此安全公告内容,不得以任何方式将其用于商业目的。