You are here

Oracle CPU April 2021 - Airlock Gateway and IAM

CVE-2021-23841, CVE-2021-3450, CVE-2021-2161, CVE-2021-2163
java, cpu, Oracle Critical Patch Update

The Oracle Critical Patch Update for April 2021 includes updates for Java SE [1] that fix 4 Java SE vulnerabilities.

Airlock Gateway uses Java in the Configuration Center and in several add-on modules.

Airlock Login/IAM before version 7.0 relies on a separately installed Java environment and the Java runtime environment is maintained by the system administrator.

No action required for Airlock Gateway and Login/IAM.


CVE-2021-23841, CVE-2021-3450
OpenSSL vulnerabilites patched in hotfixes for Airlock Gateway (see CVE-2021-23841, CVE-2021-3450). OpenSSL library is not used in Airlock Login/IAM.

Affected operation system (Windows) is not supported by Airlock instances.

Affected component (JAR Signing) not used by Airlock.



General Advice: We strongly recommend to update all client deployments of Java and uninstalling Java from clients where it is not needed.

Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required