1. Vulnerability Overview
On October 20, 2021, NSFOCUS observed that Oracle had released its October Critical Patch Update (CPU) advisory. This update fixes 419 vulnerabilities of varying severity across many widely used products, including Oracle MySQL, Oracle WebLogic Server, Oracle Java SE, Oracle Fusion Middleware and Oracle Retail Applications. Oracle strongly recommends that customers apply the Critical Patch Update fixes as soon as possible.
Reference: https://www.oracle.com/security-alerts/cpuoct2021.html
2. Key Vulnerabilities
The vulnerabilities below were selected from this update based on product popularity and severity; affected users should pay particular attention to them:
Multiple Oracle MySQL vulnerabilities:
This update includes 66 security patches for Oracle MySQL, 10 of which address vulnerabilities that are remotely exploitable without authentication, i.e. exploitable over a network without user credentials. The CVE IDs are:
CVE-2021-22931
CVE-2021-3711
CVE-2021-3518
CVE-2021-22926
CVE-2021-36222
CVE-2021-35583
CVE-2021-3712
CVE-2021-33037
CVE-2021-29425
CVE-2021-35613
Multiple Oracle Financial Services Applications vulnerabilities:
This update includes 44 security patches for Oracle Financial Services Applications, 26 of which address vulnerabilities that are remotely exploitable without authentication. High-severity CVE IDs:
CVE-2020-5413
CVE-2020-10683
CVE-2021-21345
Multiple Oracle Insurance Applications vulnerabilities:
This update includes 16 security patches for Oracle Insurance Applications, 11 of which address vulnerabilities that are remotely exploitable without authentication. An attacker with network access over HTTP can send malicious requests to take control of a component of the product and gain full access to critical data. Critical CVE IDs:
CVE-2016-1000031
CVE-2019-13990
CVE-2020-10683
CVE-2019-17195
Multiple Oracle Communications vulnerabilities:
This update includes 71 security patches for Oracle Communications, 56 of which address vulnerabilities that are remotely exploitable without authentication. High-severity CVE IDs:
CVE-2021-21345
CVE-2021-21783
CVE-2017-9841
CVE-2021-11998
CVE-2021-17530
CVE-2021-23017
Multiple Oracle Fusion Middleware vulnerabilities:
This update includes 38 security patches for Oracle Fusion Middleware, 30 of which address vulnerabilities that are remotely exploitable without authentication. High-severity CVE IDs:
CVE-2019-13990
CVE-2018-8088
CVE-2021-35617
Multiple Oracle Retail Applications vulnerabilities:
This update includes 26 security patches for Oracle Retail Applications, 9 of which address vulnerabilities that are remotely exploitable without authentication. High-severity CVE IDs:
CVE-2021-2351
Summary of Oracle's October Critical Patch Update by product:
Product | Vulnerabilities | Remotely exploitable without authentication | Highest CVSS score |
--- | --- | --- | --- |
Oracle Database Products Risk Matrices | 9 | 2 | 8.2 |
Oracle Database Server | 9 | 2 | 8.2 |
Oracle Essbase | 5 | 3 | 10 |
Oracle GoldenGate | 1 | 1 | 6.5 |
Oracle Graph Server and Client | 1 | 1 | 7.5 |
Oracle REST Data Services | 1 | 1 | 7.5 |
Oracle Secure Backup | 1 | 1 | 7.4 |
Oracle Commerce | 2 | 0 | 5.4 |
Oracle Communications Applications | 19 | 14 | 9.8 |
Oracle Communications | 71 | 56 | 9.9 |
Oracle Construction and Engineering | 12 | 7 | 9.8 |
Oracle E-Business Suite | 18 | 4 | 8.1 |
Oracle Enterprise Manager | 8 | 5 | 9.8 |
Oracle Financial Services Applications | 44 | 26 | 9.9 |
Oracle Fusion Middleware | 38 | 30 | 9.8 |
Oracle Health Sciences Applications | 6 | 3 | 9.8 |
Oracle Hospitality Applications | 1 | 1 | 6.1 |
Oracle Hyperion | 6 | 5 | 6.1 |
Oracle Insurance Applications | 16 | 11 | 9.8 |
Oracle Java SE | 15 | 13 | 8.6 |
Oracle JD Edwards | 11 | 8 | 7.5 |
Oracle MySQL | 66 | 10 | 9.8 |
Oracle PeopleSoft | 17 | 8 | 9.1 |
Oracle Retail Applications | 26 | 9 | 8.3 |
Oracle Siebel CRM | 6 | 5 | 7.5 |
Oracle Supply Chain | 5 | 3 | 7.5 |
Oracle Systems | 5 | 2 | 9.8 |
Oracle Utilities Applications | 1 | 0 | 5.5 |
Oracle Virtualization | 8 | 1 | 7.8 |
3. Mitigation
Users should consult the appendix "Affected Products and Patch Information" below, download the updates for their affected products promptly, and install them following the readme file in the patch package, so that protection remains effective over the long term.
Note: Oracle patches are only available to holders of a licensed support account for the genuine software; log in at https://support.oracle.com with that account to download the latest patches.
Appendix: Affected Products and Patch Information
Affected product and versions | Available patch |
--- | --- |
Enterprise Manager Base Platform, versions 13.4.0.0, 13.5.0.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Enterprise Manager for Oracle Database, version 13.4.0.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Enterprise Manager Ops Center, version 12.4.0.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Essbase Administration Services, versions prior to 11.1.2.4.46 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Hyperion Financial Management, versions 11.1.2.4, 11.2.6.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Hyperion Financial Reporting, versions 11.1.2.4, 11.2.6.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Hyperion Infrastructure Technology, version 11.2.6.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Hyperion Planning, versions 11.1.2.4, 11.2.6.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Instantis EnterpriseTrack, versions 17.1, 17.2, 17.3 | https://support.oracle.com/rs?type=doc&id=2809438.1 |
JD Edwards EnterpriseOne Orchestrator, versions prior to 9.2.6.0 | https://support.oracle.com/rs?type=doc&id=2810363.1 |
JD Edwards EnterpriseOne Tools, versions prior to 9.2.6.0 | https://support.oracle.com/rs?type=doc&id=2810363.1 |
JD Edwards World Security, version A9.4 | https://support.oracle.com/rs?type=doc&id=2810363.1 |
MySQL Client, versions 8.0.26 and prior | https://support.oracle.com/rs?type=doc&id=2809354.1 |
MySQL Cluster, versions 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior, 8.0.26 and prior | https://support.oracle.com/rs?type=doc&id=2809354.1 |
MySQL Connectors, versions 8.0.26 and prior | https://support.oracle.com/rs?type=doc&id=2809354.1 |
MySQL Enterprise Monitor, versions 8.0.25 and prior | https://support.oracle.com/rs?type=doc&id=2809354.1 |
MySQL Server, versions 5.7.35 and prior, 8.0.26 and prior | https://support.oracle.com/rs?type=doc&id=2809354.1 |
MySQL Workbench, versions 8.0.26 and prior | https://support.oracle.com/rs?type=doc&id=2809354.1 |
Oracle Agile PLM, versions 9.3.3, 9.3.6 | https://support.oracle.com/rs?type=doc&id=2810378.1 |
Oracle Application Express, versions prior to 21.1.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Application Testing Suite, version 13.3.0.1 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Autovue for Agile Product Lifecycle Management, version 21.0.2 | https://support.oracle.com/rs?type=doc&id=2810378.1 |
Oracle Banking Cash Management, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Banking Corporate Lending Process Management, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Banking Credit Facilities Process Management, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Banking Enterprise Default Management, versions 2.10.0, 2.12.0 | https://support.oracle.com/rs?type=doc&id=2808888.1 |
Oracle Banking Extensibility Workbench, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Banking Platform, versions 2.6.2, 2.7.1, 2.9.0, 2.12.0 | https://support.oracle.com/rs?type=doc&id=2808888.1 |
Oracle Banking Supply Chain Finance, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Banking Trade Finance Process Management, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Banking Virtual Account Management, versions 14.2, 14.3, 14.5 | https://support.oracle.com/ |
Oracle Business Activity Monitoring, versions 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Business Intelligence Enterprise Edition, versions 5.5.0.0.0, 12.2.1.3.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Commerce Guided Search, version 11.3.2 | https://support.oracle.com/rs?type=doc&id=2811064.1 |
Oracle Commerce Merchandising, version 11.3.2 | https://support.oracle.com/rs?type=doc&id=2811064.1 |
Oracle Communications Application Session Controller, version 3.9 | https://support.oracle.com/rs?type=doc&id=2815518.1 |
Oracle Communications Billing and Revenue Management, versions 7.5.0.0.0, 12.0.0.3.0 | https://support.oracle.com/rs?type=doc&id=2808815.1 |
Oracle Communications BRM – Elastic Charging Engine, version 12.0.0.3 | https://support.oracle.com/rs?type=doc&id=2808815.1 |
Oracle Communications Calendar Server, version 8.0.0.6.0 | https://support.oracle.com/rs?type=doc&id=2808816.1 |
Oracle Communications Cloud Native Core Network Repository Function, version 1.14.0 | https://support.oracle.com/rs?type=doc&id=2809116.1 |
Oracle Communications Cloud Native Core Policy, version 1.11.0 | https://support.oracle.com/rs?type=doc&id=2809114.1 |
Oracle Communications Control Plane Monitor, versions 3.4, 4.2, 4.3, 4.4 | https://support.oracle.com/rs?type=doc&id=2809423.1 |
Oracle Communications Converged Application Server – Service Controller, version 6.2 | https://support.oracle.com/rs?type=doc&id=2809113.1 |
Oracle Communications Design Studio, version 7.4.2 | https://support.oracle.com/rs?type=doc&id=2808817.1 |
Oracle Communications Diameter Signaling Router, versions 8.0.0.0-8.5.0.0 | https://support.oracle.com/rs?type=doc&id=2809085.1 |
Oracle Communications EAGLE | https://support.oracle.com/rs?type=doc&id=2809087.1 |
Oracle Communications EAGLE FTP Table Base Retrieval, version 4.5 | https://support.oracle.com/rs?type=doc&id=2809115.1 |
Oracle Communications EAGLE LNP Application Processor, versions 46.7, 46.8, 46.9 | https://support.oracle.com/rs?type=doc&id=2809093.1 |
Oracle Communications Element Manager, versions 8.2.0.0-8.2.4.0 | https://support.oracle.com/rs?type=doc&id=2809094.1 |
Oracle Communications Fraud Monitor, versions 3.4-4.4 | https://support.oracle.com/rs?type=doc&id=2809422.1 |
Oracle Communications Interactive Session Recorder, version 6.4 | https://support.oracle.com/rs?type=doc&id=2809118.1 |
Oracle Communications LSMS, versions 13.1-13.4 | https://support.oracle.com/rs?type=doc&id=2809119.1 |
Oracle Communications Messaging Server, version 8.1 | https://support.oracle.com/rs?type=doc&id=2808816.1 |
Oracle Communications MetaSolv Solution, version 6.3.1 | https://support.oracle.com/rs?type=doc&id=2808878.1 |
Oracle Communications Offline Mediation Controller, version 12.0.0.3.0 | https://support.oracle.com/rs?type=doc&id=2808879.1 |
Oracle Communications Operations Monitor, versions 3.4, 4.2, 4.3, 4.4 | https://support.oracle.com/rs?type=doc&id=2809120.1 |
Oracle Communications Policy Management, version 12.5.0 | https://support.oracle.com/rs?type=doc&id=2809110.1 |
Oracle Communications Pricing Design Center, version 12.0.0.3.0 | https://support.oracle.com/rs?type=doc&id=2808815.1 |
Oracle Communications Services Gatekeeper, version 7.0 | https://support.oracle.com/rs?type=doc&id=2809111.1 |
Oracle Communications Session Border Controller, versions 8.4, 9.0 | https://support.oracle.com/rs?type=doc&id=2809267.1 |
Oracle Communications Session Report Manager, versions 8.0.0.0-8.2.5.0 | https://support.oracle.com/rs?type=doc&id=2811990.1 |
Oracle Communications Session Route Manager, versions 8.0.0.0-8.2.5.0 | https://support.oracle.com/rs?type=doc&id=2812072.1 |
Oracle Data Integrator, version 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Database Server, versions 12.1.0.2, 12.2.0.1, 19c, 21c | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Documaker, versions 12.6.0-12.6.4 | https://support.oracle.com/rs?type=doc&id=2809145.1 |
Oracle E-Business Suite, versions 12.1.1-12.1.3, 12.2.3-12.2.10 | https://support.oracle.com/rs?type=doc&id=2484000.1 |
Oracle Enterprise Communications Broker, versions 3.2, 3.3 | https://support.oracle.com/rs?type=doc&id=2809298.1 |
Oracle Enterprise Repository, version 11.1.1.7.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Enterprise Telephony Fraud Monitor, versions 3.4, 4.2, 4.3, 4.4 | https://support.oracle.com/rs?type=doc&id=2810340.1 |
Oracle Ethernet Switch ES2-64, Oracle Ethernet Switch ES2-72, version 2.0.0.14 | https://support.oracle.com/rs?type=doc&id=2809232.1 |
Oracle Financial Services Analytical Applications Infrastructure, versions 8.0.6-8.1.1 | https://support.oracle.com/rs?type=doc&id=2809214.1 |
Oracle Financial Services Enterprise Case Management, versions 8.0.7.2.0, 8.0.8.1.0 | https://support.oracle.com/ |
Oracle Financial Services Model Management and Governance, versions 8.0.8.0.0-8.1.0.0.0 | https://support.oracle.com/rs?type=doc&id=2814201.1 |
Oracle FLEXCUBE Core Banking, versions 11.7, 11.8, 11.9, 11.10 | https://support.oracle.com/ |
Oracle Global Lifecycle Management OPatch | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle GoldenGate, versions prior to 19.1.0.0.0.210420 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle GoldenGate Application Adapters, version 19.1.0.0.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle GraalVM Enterprise Edition, versions 20.3.3, 21.2.0 | https://support.oracle.com/rs?type=doc&id=2810386.1 |
Oracle Graph Server and Client, versions prior to 21.3.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Health Sciences Central Coding, versions 6.2.0, 6.3.0 | https://support.oracle.com/rs?type=doc&id=2806298.1 |
Oracle Health Sciences InForm, version 6.3.0 | https://support.oracle.com/rs?type=doc&id=2806298.1 |
Oracle Healthcare Data Repository, versions 7.0.2, 8.1.0 | https://support.oracle.com/rs?type=doc&id=2806298.1 |
Oracle Healthcare Foundation, versions 7.3, 8.0, 8.1 | https://support.oracle.com/rs?type=doc&id=2806298.1 |
Oracle Hospitality Cruise Shipboard Property Management System, version 20.1.0 | https://support.oracle.com/rs?type=doc&id=2806436.1 |
Oracle HTTP Server, versions 11.1.1.9.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Insurance Calculation Engine, versions 11.0.0-11.3.1 | https://support.oracle.com/rs?type=doc&id=2809145.1 |
Oracle Insurance Policy Administration, versions 11.0.0-11.3.1 | https://support.oracle.com/rs?type=doc&id=2809145.1 |
Oracle Java SE, versions 7u311, 8u301, 11.0.12, 17 | https://support.oracle.com/rs?type=doc&id=2810386.1 |
Oracle NoSQL Database | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Outside In Technology, version 8.5.5 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Real User Experience Insight, versions 13.4.1.0, 13.5.1.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Real-Time Decision Server, versions 3.2.0.0, 11.1.1.9.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle REST Data Services, versions prior to 21.3 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Retail Advanced Inventory Planning, versions 14.1, 15.0, 16.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Assortment Planning, version 16.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Back Office, versions 14.0, 14.1 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Bulk Data Integration, versions 16.0.3, 19.0.1 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Central Office, versions 14.0, 14.1 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Customer Management and Segmentation Foundation, versions 16.0-19.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Extract Transform and Load, version 13.2.8 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Financial Integration, versions 14.1.3.2, 15.0.4.0, 16.0.3.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Integration Bus, versions 14.1.3.2, 15.0.4.0, 16.0.3.0, 19.0.1.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Merchandising System, versions 15.0.3, 19.0.1 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Point-of-Service, versions 14.0, 14.1 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Predictive Application Server, versions 14.1.3, 15.0.3, 16.0.3 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Returns Management, versions 14.0, 14.1 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Service Backbone, versions 14.1.3.2, 15.0.4.0, 16.0.3.0, 19.0.1.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Retail Store Inventory Management, versions 14.1, 15.0, 16.0 | https://support.oracle.com/rs?type=doc&id=2801874.1 |
Oracle Secure Backup, versions prior to 18.1.0.1.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Secure Global Desktop, version 5.6 | https://support.oracle.com/rs?type=doc&id=2810981.1 |
Oracle Solaris, version 11 | https://support.oracle.com/rs?type=doc&id=2809232.1 |
Oracle Spatial Studio | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle SQL Developer | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle Transportation Management, version 6.4.3 | https://support.oracle.com/rs?type=doc&id=2810378.1 |
Oracle Utilities Framework, versions 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0-4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0 | https://support.oracle.com/rs?type=doc&id=2809748.1 |
Oracle VM VirtualBox, versions prior to 6.1.28 | https://support.oracle.com/rs?type=doc&id=2810981.1 |
Oracle WebCenter Portal, versions 12.2.1.3.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle WebCenter Sites, versions 12.2.1.3.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle WebLogic Server Proxy Plug-In, versions 12.2.1.3.0, 12.2.1.4.0 | https://support.oracle.com/rs?type=doc&id=2796575.1 |
Oracle ZFS Storage Appliance Kit, version 8.8 | https://support.oracle.com/rs?type=doc&id=2809232.1 |
PeopleSoft Enterprise CC Common Application Objects, version 9.2 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
PeopleSoft Enterprise CS Academic Advisement, version 9.2 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
PeopleSoft Enterprise CS Campus Community, versions 9.0, 9.2 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
PeopleSoft Enterprise CS SA Integration Pack, versions 9.0, 9.2 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
PeopleSoft Enterprise CS Student Records, version 9.2 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
PeopleSoft Enterprise PeopleTools, versions 8.57, 8.58, 8.59 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
PeopleSoft Enterprise SCM, version 9.2 | https://support.oracle.com/rs?type=doc&id=2810361.1 |
Primavera Gateway, versions 17.12.0-17.12.11, 18.8.0-18.8.12, 19.12.0-19.12.11, 20.12.0-20.12.7 | https://support.oracle.com/rs?type=doc&id=2809438.1 |
Primavera Unifier, versions 17.7-17.12, 18.8, 19.12, 20.12 | https://support.oracle.com/rs?type=doc&id=2809438.1 |
Siebel Applications, versions 21.9 and prior | https://support.oracle.com/rs?type=doc&id=2810362.1 |
Tekelec Platform Distribution, versions 7.4.0-7.7.1 | https://support.oracle.com/rs?type=doc&id=2809117.1 |
Tekelec Virtual Operating Environment, versions 3.4.0-3.7.1 | https://support.oracle.com/rs?type=doc&id=2809138.1 |
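As an added example (not part of the NSFOCUS advisory), the following Python check parses affected-version strings written in the style of the appendix table above ("versions 5.7.35 and prior, 8.0.26 and prior", "versions prior to 6.1.28", "versions 8.0.0.0-8.5.0.0", bare version lists) and reports whether an installed version is in scope; the product entries are copied from the table, the inventory values are constructed, and bare entries such as "19c" are treated as prefixes covering every 19.x build.

```python
import re

# Affected-version strings copied from the appendix table's
# "Affected product and versions" column for a handful of products.
AFFECTED = {
    "MySQL Server": "versions 5.7.35 and prior, 8.0.26 and prior",
    "Oracle VM VirtualBox": "versions prior to 6.1.28",
    "Oracle WebLogic Server": ("versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, "
                               "12.2.1.4.0, 14.1.1.0.0"),
    "Oracle Communications Diameter Signaling Router": "versions 8.0.0.0-8.5.0.0",
    "Oracle Database Server": "versions 12.1.0.2, 12.2.0.1, 19c, 21c",
}


def vkey(version):
    """Comparable tuple of numeric components: '8.0.26' -> (8, 0, 26),
    '8u301' -> (8, 301), '19c' -> (19,). Non-digit characters are ignored."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def parse_spec(spec):
    """Split one appendix version spec into (kind, lo, hi) clauses.
    Forms handled: 'prior to X' (exclusive), 'X and prior' (inclusive),
    'X-Y' (inclusive range) and a bare version, matched as a prefix."""
    clauses = []
    body = re.sub(r"^versions?\s+", "", spec.strip())
    for part in (p.strip() for p in body.split(",")):
        if m := re.fullmatch(r"prior to (\S+)", part):
            clauses.append(("lt", None, vkey(m.group(1))))
        elif m := re.fullmatch(r"(\S+) and prior", part):
            clauses.append(("le", None, vkey(m.group(1))))
        elif m := re.fullmatch(r"(\S+)-(\S+)", part):
            clauses.append(("range", vkey(m.group(1)), vkey(m.group(2))))
        else:
            clauses.append(("eq", None, vkey(part)))
    return clauses


def is_affected(product, installed):
    """True if the installed version satisfies any clause of the product's spec."""
    v = vkey(installed)
    for kind, lo, hi in parse_spec(AFFECTED[product]):
        if kind == "lt" and v < hi:
            return True
        if kind == "le" and v <= hi:
            return True
        if kind == "range" and lo <= v <= hi:
            return True
        if kind == "eq" and v[:len(hi)] == hi:  # '19c' covers any 19.x build
            return True
    return False


def triage(inventory):
    """Names of inventoried products whose installed version is in scope."""
    return [p for p, v in inventory.items() if p in AFFECTED and is_affected(p, v)]
```

Feed `triage` a {product: installed_version} map built from your own asset inventory; products not listed in AFFECTED are skipped rather than reported.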
Disclaimer
This security advisory is provided solely to describe potential security issues; NSFOCUS makes no warranty or commitment with respect to it. Any direct or indirect consequences or losses arising from the dissemination or use of the information in this advisory are the sole responsibility of the user, and neither NSFOCUS nor the authors of this advisory accept any liability for them.
NSFOCUS reserves the right to modify and interpret this advisory. Anyone reproducing or distributing it must preserve it in its entirety, including the copyright notice. Without NSFOCUS's permission, the content of this advisory may not be modified, added to or abridged, nor used for commercial purposes in any form.