Some of the Oracle Products like Fusion Middleware, Oracle Data Integrator, Oracle eBusiness Suite, Oracle Enterprise Repository, Oracle WebCenter Portal, Oracle WebCenter Sites and Oracle WebLogic Server have been impacted by Log4j vulnerability.Some of the patches have been already released by the team whereas for some other products detailed workaround has been provided by the Oracle Team on the advisory. Rest of the Oracle products have been unaffected by this Vulnerability
| Product | Versions | Status | Source |
|---|---|---|---|
| All Database | All | Not Vulnerable | source, Support note 2827611.1 |
| Fusion Middleware | 12.2.1.3.0 to 12.2.1.4.0 | Fix | source, Support note 209768.1, Support note 2827611.1, MOS note 2827793.1 |
| NoSQL Database | All | Not Vulnerable | source, Support note 2827611.1 |
| Forms | All | Not Vulnerable | source, Support note 2827611.1 |
| Golden Gate | All | Not Vuln | source, Support note 2827611.1 |
| Oracle Access Manager | All | Not Vuln | source, Support note 2827611.1 |
| Oracle Data Integrator (ODI) | >= 12.2.1.3.210119, Marketplace – >= 2.1.0 | Workaround | source, Support note 2827611.1, Support Note 2827793.1 |
| Oracle eBusiness Suite | All | Workaround | source, Support note 2827611.1 |
| Oracle Enterprise Manager | All | Not Vuln | source, Support note 209768.1, Support note 2827611.1 |
| Oracle Enterprise Repository | All | Workaround | source, Support note 2827611.1, Support Note 2827793.1 |
| Oracle HTTP Server | All | Not Vuln | source, Support note 209768.1, Support note 2827611.1 |
| Oracle Internet Directory | All | Not Vuln | source, Support note 209768.1, Support note 2827611.1 |
| Oracle JDeveloper | All | Workaround | source, Support note 2827611.1, Support Note 2827793.1 |
| Oracle Policy Automation (OPA) | All | Fix | source, Support note 2827611.1, MOS note 33660673 |
| Oracle SOA Suite | All | Not Vuln | source, Support note 2827611.1 |
| Oracle VM VirtualBox | All | Not Vuln | source, Support note 2827611.1 |
| Oracle WebCenter Portal | 12.2.1.3 & 12.2.1.4 | Workaround | source, Support note 2827611.1 |
| Oracle WebCenter Sites | All | Workaround | source, Support note 2827611.1, Support Note 2827793.1 |
| Oracle WebLogic Server | 12.2.1.3.0 to 14.1.1.0.0 | Fix | source, Support note 209768.1, Support note 2827611.1, MOS Note 2827793.1 |