The January 2022 Critical Patch Update released by Oracle on 18 January 2022 addresses issues which will impact two groups of Hyperion EPM on-premise customers:
11.1.2.4.x customers that use Essbase or Essbase Administration Services (EAS):
The impacted versions are:
- Oracle Essbase, versions prior to 11.1.2.4.47
- Oracle Essbase Administration Services, versions prior to 11.1.2.4.47
Note: Oracle WebLogic is not impacted as 11.1.2.4 systems use v.10.3.6.
Action Required: To mitigate the issue you must patch Essbase components to .047.
11.2.x Hyperion EPM customers:
The impacted products are:
- Oracle HTTP Server, versions 12.2.1.3.0, 12.2.1.4.0, 12.2.1.5.0
- Oracle WebLogic Server, versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0
Action Required: To mitigate the issue, Oracle advice is to upgrade to 11.2.7, which addresses these vulnerabilities.
The full details are available here: Oracle Critical Patch Update Advisory – January 2022
AMOSCA Support Centre assistance
If you believe your Hyperion EPM environment may be affected and wish to discuss the steps you need to take, please contact the ASC Helpdesk via helpdesk@amosca.co.uk.
