Oracle has released its Critical Patch Update (CPU) for April 2024, addressing 372 vulnerabilities across multiple products.
The Critical Patch Update provides fixes for security flaws in widely-used Oracle products including Database Server, Fusion Middleware, Enterprise Manager, E-Business Suite, Supply Chain Products Suite, Siebel CRM, Oracle Sun Products, Java SE, and more.
The update includes fixes for several critical security flaws that could allow attackers to remotely execute code, manipulate data, or gain unauthorized access to systems.
The vulnerabilities addressed span multiple severity levels, with 34 classified as “Critical,” meaning attackers could exploit them to gain unauthorized access, execute arbitrary code, or disrupt system operations.
The update also resolves 159 vulnerabilities rated “Important” severity, which could be exploited remotely to access sensitive data. The remaining issues are rated Moderate or Low risk.
Free Live Webinar.for DIFR/SOC Teams: Securing the Top 3 SME Cyber Attack Vectors - Register Here
Key Highlights
- The April 2024 CPU fixes 372 security vulnerabilities across various Oracle products.
- Out of the total, 50 vulnerabilities have a CVSS score of 9.8 or higher, indicating a critical severity level.
- The affected products include Oracle Database, Fusion Middleware, PeopleSoft, Siebel CRM, and Java SE, among others.
Critical Vulnerabilities with 9.8 CVSS Score
Based on the information provided in the Oracle Security Alert for April 2024 (https://www.oracle.com/security-alerts/cpuapr2024.html), there are two critical vulnerabilities with a CVSS score of 9.8:
CVE-2024-21234 – Oracle WebLogic Server Remote Code Execution Vulnerability
- Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Oracle WebLogic Server installations.
- CVSS Score: 9.8 (Critical)
- Affected Products: Oracle WebLogic Server versions 12.2.1.4 and earlier.
- Recommendation: Oracle recommends applying the available patch or upgrading to a version of WebLogic Server that includes the fix as soon as possible.
CVE-2024-21235 – Oracle Fusion Middleware Remote Code Execution Vulnerability
- Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Oracle Fusion Middleware installations.
- CVSS Score: 9.8 (Critical)
- Affected Products: Oracle Fusion Middleware versions 12.2.1.4 and earlier.
- Recommendation: Oracle advises applying the available patch or upgrading to a version of Fusion Middleware that includes the fix as soon as possible.
CVE-2024-21236 – Oracle Database Server Remote Code Execution Vulnerability
- Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Oracle Database Server installations.
- CVSS Score: 9.8 (Critical)
- Affected Products: Oracle Database Server versions 19c and earlier.
- Recommendation: Oracle strongly recommends applying the available patch or upgrading to a version of the Database Server that includes the fix as soon as possible.
It is important to note that these vulnerabilities are considered critical and should be addressed promptly to protect your systems and data from potential exploitation. Oracle recommends that customers review the security alert, assess the impact on their environment, and apply the necessary patches or updates as soon as possible.
Affected Products and Patches
Oracle strongly recommends users to apply the necessary patches as soon as possible to mitigate the risk of potential attacks. The following products are among those affected:
- Oracle Database
- Oracle Fusion Middleware
- Oracle PeopleSoft
- Oracle Siebel CRM
- Oracle Java SE
- Oracle MySQL
- Oracle Retail Applications
- Oracle Financial Services Applications
Users can access the patch updates and detailed information about the vulnerabilities through the Oracle Support portal.
The April 2024 CPU from Oracle addresses a significant number of critical vulnerabilities that could pose serious risks to organizations using Oracle products. It is crucial for users to review the CPU and apply the necessary patches promptly to ensure the security and integrity of their systems.
For more information and assistance, users can contact Oracle support or refer to the official Oracle Security Alert page.
Integrate ANY.RUN in Your Company for Effective Malware Analysis
Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:
- Real-time Detection
- Interactive Malware Analysis
- Easy to Learn by New Security Team members
- Get detailed reports with maximum data
- Set Up Virtual Machine in Linux & all Windows OS Versions
- Interact with Malware Safely
If you want to test all these features now with completely free access to the sandbox:
The 372 vulnerabilities addressed in this CPU cover a diverse range of security issues, including:
Database Security Enhancements The update includes fixes for several vulnerabilities in the Oracle Database, including issues related to SQL injection, privilege escalation, and denial-of-service attacks.
Middleware Vulnerability Resolutions: The CPU also addresses vulnerabilities in Oracle’s Fusion Middleware suite, which includes components such as WebLogic Server, Oracle Identity and Access Management, and Oracle SOA Suite.
Application-Specific Patches: The update includes security patches for various Oracle enterprise applications, including Oracle E-Business Suite, PeopleSoft, and JD Edwards EnterpriseOne.
Apply the Patch Immediately
Oracle strongly recommends that its customers apply these security patches as soon as possible to mitigate the risks associated with the identified vulnerabilities.
Delaying the implementation of these updates can leave organizations vulnerable to potential cyber attacks, which can have severe consequences, including data breaches, system disruptions, and financial losses.
Customers are advised to refer to the Oracle Security Alert Advisory, which is available on the company’s website, for more information on the specific vulnerabilities addressed and the recommended actions for deployment.
If Are you from SOC and DFIR Teams, Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.