Oracle Analytics Server (OAS) (MOSC) READ-ONLY

MOSC Banner

OBI Administration Client Tool - Vulnerability in Embedded java.exe

Oracle BI Administration Tool

Version 12.2.2.0.20

Installed on a Windows 10 PC

Internal security is flagging a vulnerability on the following files:

C:\Oracle\Middleware\Oracle_Home\bi\modules\oracle.bi.datadirect.odbc\8.0.1\jre\bin\java.exe

C:\Oracle\Middleware\Oracle_Home\bi\modules\oracle.bi.datadirect.odbc\7.1.5\jre\bin\java.exe

C:\Oracle\Middleware\Oracle_Home\bi\modules\oracle.bi.datadirect.odbc\7.1.4\jre\bin\java.exe

C:\Oracle\Middleware\Oracle_Home\bi\modules\oracle.bi.datadirect.odbc\5.3.\jre\bin\java.exe

We cannot remove the entire directories, because the startup of the Administration Tool looks for the odbc.properties file.

Can we archive-off the four java.exe files without any harm to functionality? I can play with this, but I would like a definitive answer. Alternately, is there a patch that we could run? Keep in mind that these are not OBI servers, but PCs running the Oracle BI Administration Tool, which includes Catalog Manager and Job Manager. Any patch that I found on this issue is for an OBI Server installation, and includes several fixes to other problems.

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center