/Oracle Critical Patch Update

Oracle Critical Patch Update

Last week, ERPscan have reveal on the vulnerabilities that effected the Oracle Server application called “Tuxedo”. For those are not familiar with the Oracle Tuxedo, can read about it at here

The ERPscan company mentioned that the bug will received CVSS around 10 and 9.9 which can considered as “High”

As a result, Oracle have released an immediate patch to solve any serious and dangerous vulnerability related to the Oracle Tuxedo.

ERPscan also disclosed the following CVE for your reference:

  1. CVE-2017-10272(Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware)
  2. CVE-2017-10269(Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware)
  3. CVE-2017-10267(Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware)
  4. CVE-2017-10266(Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware)
  5. CVE-2017-10278(Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware)

The effected Oracle Tuxedo will be such as:

  • 11.1.1,
  • 12.1.1,
  • 12.1.3,
  • 12.2.2

Source:Oracle issues emergency patch for JoltandBleed bug in Tuxedo middleware

I'm an IT Security Writer with a passion and talent for aligning security architecture, plans, controls, processes, policies and procedures with security standards and operational goals