Enterprise Manager Generic (MOSC)

MOSC Banner

question about log4j security alert for OEM13cR5 in Doc ID 2828296.1

edited Dec 24, 2021 3:57PM in Enterprise Manager Generic (MOSC) 3 commentsAnswered ✓

Hi,

In OEM13cR5 section, Instruction number 2 says the following:

2. Upcoming JAN 2022 WLS PSU Patch contains the fix of Log4j2.x Vulnerability ( Patch not yet released)


I'm trying to understand what the above means.

For example if I wait till mid Jan for WLS PSU Patch release, would we still need to do Apply OCT WLS PSU Patch 33416868 mentioned above it?


I assume the (Doc ID 2828296.1) will be updated accordingly in mid Jun 2022 and these steps will be totally different because of upcoming Jan 2022 WLS PSU patch?


My OEM13cR5 is in test environment and mitigation steps were performed successfully so waiting is not a problem.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center