Autonomous Health Framework (AHF ) 20.4.4.0.0 and vulnerability CVE-2021-45105/CVE-2021-44228/CVE-2021-45046  

A client’s ExaCC platform installed with Autonomous Health Framework (AHF ) 20.4.4.0.0, which uses /opt/oracle.ahf/common/jlib/log4j-core-2.13.3.jar.

So to address vulnerability CVE-2021-45105/CVE-2021-44228/CVE-2021-45046. AHF should be upgraded to 21.4 or later versions.

To download the latest AHF here Autonomous Health Framework (AHF) – Including TFA and ORAchk/EXAchk (Doc ID 2550798.1)

This version 21.4 of AHF uses Log4J 2.17, fixing the following Log4J CVEs:

  1. CVE-2021-44228
  2. CVE-2021-45046
  3. CVE-2021-45105

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: