We are currently using RSA Authentication Manager 8.4 Patch 6. Our Computer Security Team recently scanned the Appliance and found a vulnerability relating to Oracle WebLogic Server that comes installed with the virtual appliance provided by RSA. Can we upgrade/install the Oracle WebLogic Server Application on the Appliance without updating the RSA Patch version or does the RSA Patch include or come integrated with the Oracle WebLogic Server Application.
I've never installed software outside of the RSA Virtual Appliance Patches and was wondering if there is a matrix somewhere that can tell us what RSA Update contains which version of Oracle WebLogic. We don't currently have a completed Development Environment setup to test this so I'm a little nervous about implementing.