AnsweredAssumed Answered

Oracle Weblogic Server 12.2.1.3  Multiple Vulnerabities

Question asked by Kannan Padmanabhan on Mar 18, 2019

We recently upgraded our Oracle WebLogic server to 12.2.1.3 and the Qualys scan is identifying that we still have the vulnerability and reports that I need to upgrade and apply the PSU.

From the opatch lsinventory and from weblogic.jar  weblogic.version -verbose shows clearly that our wls is upgraded to

 

WLS PATCH SET UPDATE 12.2.1.3.190115 .

Is there a manual way for the qualys admin to run the opatch lsinventory or other utilities on the server to identify the patches applied to the environment ?

Is there a way to debug the QID detection logic to see what it is deriving the files as I have 2 homes for the weblogic 12c that is required for running the Oracle EDQ software on the host.

Outcomes