Java & Oracle Vulnerabilities on eHealth production server may cause production outage

Document ID : KB000100975
Last Modified Date : 13/06/2018
Show Technical Document Details
Introduction:
Is eHealth vulnerable to this known vulnerability?
Question:
eHealth 6.3.2.11 running on Solaris 10

Critical Java and Oracle Vulnerabilities have been uncovered.

These are serious enough to threaten a near immediate shut down of the eHealth servers due to security concerns if not alleviated immediately.

https://www.tenable.com/plugins/nessus/64816
Environment:
6.3.2.11 on Sol 10
Answer:
Solution: Upgrade to a version of Oracle Java JRE that is currently supported.

Customer should upgrade to the latest EH version, which contains the latest Java JRE release upgrade.

It is eHealth release r6.3.3.04.

https://support.ca.com/us/download-center/solution-detail.html?docid=652141&os=LINUX&aparno=RO99856