How to change SYS password on ExaCC Gen 2
Changing Oracle database user SYS password is quite straightforward on a normal deployment – not so much on an ExaCC Gen 2 environment. In fact, it ... Read More
Découvrez pourquoi Eclipsys a été nommée 2023 Best Workplaces in Technology, Great Place to Work® Canada et Canada's Top 100 SME !
En savoir plus !In April 2019, a security advisory was release for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server that could be easily exploited, allowing unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Servers.
Showcase has emerged on the internet that the vulnerability was already being actively exploited to install cryptocurrency miners.
The confirmed WLS versions being affected by this vulnerability are 10.3.6.0.0 and 12.1.3.0.0.
If you are using any of these WLS releases, you need to patch your system as soon as possible.
Moreover, WebLogic Server is now part of the integration of Oracle Enterprise Manager. If you are using any of the versions below, you need to patch your system as soon as possible.
12.1.0.3, 12.1.0.4, 12.1.0.5 versions of EM use WebLogic Server 10.3.6.0.
13.x version of EM uses WebLogic Server 12.1.3.0.0
If you are using any versions of the system mentioned above, you need to start patching plan immediately. While at it, maybe it’s a good time to patch your OEM systems and agents at the same time.
Downtime to the system and/or OEM is required during patching.
If you are using standalone WLS 10.3.6, you need to apply one of the following patches:
If you are using standalone WLS 12.1.3.0, you need to apply one of the following patches:
Please note that the patches available for 10.3.6.0 and 12.1.3.0 versions are overlay patches, meaning they are created for respective PSU releases (January 2019, and April 2019). Please ensure that the required PSU/CPU is applied before applying the one-off patches.
If you are using Oracle Enterprise Manager with integrated WebLogic Server, you need to apply the following patches according to your OEM versions:
If you are using integrated WebLogic Server with other products, please consult Oracle for further actions.
Below is a high-level patch plan for patching operations. Normally you could just follow the README file that comes with the patches themselves. However, there are some notes that might help you with speedier and smoother patching:
Review the patching log carefully, especially if you patch several agents at a time. Sometime the patching might fail if run from OEM. In this case, you will have to do a manual patch.
Changing Oracle database user SYS password is quite straightforward on a normal deployment – not so much on an ExaCC Gen 2 environment. In fact, it ... Read More