Rackspace Advisory for Oracle Applications
by Marc Nourani, Director, Incident Change Problem Management Operations, Rackspace Technology
Rackspace Technology is aware that Oracle recently published the following security vulnerabilities impacting Oracle’s GoldenGate, Fusion Middleware, Hyperion, and other products. One Oracle vulnerability addressed is CVE-2022-22965, otherwise known as the Spring4Shell vulnerability. Spring4Shell is a zero-day vulnerability that was first observed being exploited in April 2022, which allows threat actors to remotely execute code on Java Spring Framework web applications.
CVE-2022-23457
CVE-2022-45047
CVE-2022-22965
CVE-2022-37434
CVE-2022-33980
CVE-2022-29599
CVE-2022-27404
You can find more about these vulnerabilities via the Oracle Critical Patch Update Advisory: https://www.oracle.com/security-alerts/cpuapr2023.html
Rackspace engineers have performed an initial assessment and strongly recommend that customers review the advisories and ensure appropriate patches are installed.
Should you have any questions or require assistance in responding to these vulnerabilities, please contact a support Racker via https://www.rackspace.com/login.
Recent Posts
Platform Engineering: Revolutionizing Development Processes with the Adoption of Backstage
March 19th, 2024
The Latest Rackspace Technology Innovation in Platform Engineering: Time Saver for Backstage
February 29th, 2024
Rackspace Response to Microsoft February 2024 Patch Tuesday Vulnerability
February 19th, 2024
Take GitHub Webhooks Event Processing to the Next Level
January 19th, 2024
Choosing the Right Multicloud Model
January 5th, 2024