3 Media and Documentation

3.1 Media Pack

This section lists the media package for Oracle Communications Cloud Native Core 3.24.3. To download the media package, see MOS.

To learn how to access and download the media package from MOS, see Accessing NF Documents on MOS.

Note:

The information provided in this section is accurate at the time of release but is subject to change. See the Oracle software delivery website for the latest information.

Table 3-1 Media Pack Contents for Oracle Communications Cloud Native Core 3.24.3

Description NF Version ATS Version Upgrade Supported
Oracle Communications Cloud Native Core, Binding Support Function (BSF) 24.3.0 24.3.0 BSF 24.3.0 supports fresh installation and upgrade from 24.2.x and 24.1.x. For more information, see Oracle Communications Cloud Native Core, Binding Support Function Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Configuration Console (CNC Console) 24.3.0 NA

CNC Console 24.3.0 supports fresh installation and upgrade from 24.2.x and 24.1.x. For more information, see Oracle Communications Cloud Native Configuration Console Installation, Upgrade, and Fault Recovery Guide.

Note: CNC Console supports N-2 NF versions during upgrade window. For example, CNC Console 24.3.0 supports SCP 24.3.0, 24.2.x, and 24.1.x.

Any newly added features in Console which have NF dependency in latest release may not be available in previous release.
Oracle Communications Cloud Native Core, cnDBTier (cnDBTier) 24.3.1 NA cnDBTier 24.3.1 supports fresh installation and upgrade from 24.3.0, 24.2.x and 24.1.x. For more information, see Oracle Communications Cloud Native Core, cnDBTier Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, cnDBTier (cnDBTier) 24.3.0 NA cnDBTier 24.3.0 supports fresh installation and upgrade from 24.2.x and 24.1.x. For more information, see Oracle Communications Cloud Native Core, cnDBTier Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Cloud Native Environment (CNE) 24.3.3 NA CNE 24.3.3 supports fresh installation and upgrade from 24.3.x and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Cloud Native Environment Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Cloud Native Environment (CNE) 24.3.2 NA CNE 24.3.2 supports fresh installation and upgrade from 24.3.x and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Cloud Native Environment Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Cloud Native Environment (CNE) 24.3.1 NA CNE 24.3.1 supports fresh installation and upgrade from 24.3.0 and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Cloud Native Environment Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Cloud Native Environment (CNE) 24.3.0 NA CNE 24.3.0 supports fresh installation and upgrade from 24.2.x. For more information, see Oracle Communications Cloud Native Core, Cloud Native Environment Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Certificate Management (OCCM) 24.3.0 NA OCCM 24.3.0 supports fresh installation and upgrade from 24.1.x and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Certificate Management Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Network Repository Function (NRF) 24.3.0 24.3.0 NRF 24.3.0 supports fresh installation and upgrade from 24.1.x and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Network Repository Function Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Network Slice Selection Function (NSSF) 24.3.2 24.3.2 NSSF 24.3.2 supports fresh installation and upgrade from 24.2.x and 24.3.x. For more information, see Oracle Communications Cloud Native Core, Network Slice Selection Function Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Network Slice Selection Function (NSSF) 24.3.1 24.3.1 NSSF 24.3.1 supports fresh installation and upgrade from 24.3.0. For more information, see Oracle Communications Cloud Native Core, Network Slice Selection Function Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Network Slice Selection Function (NSSF) 24.3.0 24.3.0 NSSF 24.3.0 supports fresh installation and upgrade from 24.2.x. For more information, see Oracle Communications Cloud Native Core, Network Slice Selection Function Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Converged Policy (Policy) 24.3.0 24.3.0 Policy 24.3.0 supports fresh installation and upgrade from 24.2.x and 24.1.x. For more information, see Oracle Communications Cloud Native Core, Converged Policy Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, OCI Adaptor 24.3.0 NA OCI Adaptor supports fresh installation only. For more information, see Oracle Communications Cloud Native Core, OCI Deployment Guide.
Oracle Communications Operations Services Overlay (OSO) 24.3.1 NA OSO 24.3.1 supports fresh installation. For more information, see Oracle Communications Operations Services Overlay Installation and Upgrade Guide.
Oracle Communications Operations Services Overlay (OSO) 24.3.0 NA OSO 24.3.0 supports fresh installation. For more information, see Oracle Communications Operations Services Overlay Installation and Upgrade Guide.
Oracle Communications Cloud Native Core, Service Communications Proxy (SCP) 24.3.0 24.3.0 SCP 24.3.0 supports fresh installation and upgrade from 24.2.x and 24.1.x. For more information, see Oracle Communications Cloud Native Core, Service Communication Proxy Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Security Edge Protection Proxy (SEPP) 24.3.2 24.3.0 SEPP 24.3.2 supports fresh installation and upgrade from 24.3.x, 24.1.x, and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Security Edge Protection Proxy Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Security Edge Protection Proxy (SEPP) 24.3.1 24.3.0 SEPP 24.3.1 supports fresh installation and upgrade from 24.3.0, 24.1.x, 24.2.0, 24.2.1, and 24.2.3.

Upgrade from 24.2.4 is not supported to this release.

For more information, see Oracle Communications Cloud Native Core, Security Edge Protection Proxy Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Security Edge Protection Proxy (SEPP) 24.3.0 24.3.0 SEPP 24.3.1 supports fresh installation and upgrade from 24.3.0, 24.1.x, 24.2.0, 24.2.1, and 24.2.3.

Upgrade from 24.2.4 is not supported to this release.

For more information, see Oracle Communications Cloud Native Core, Security Edge Protection Proxy Installation, Upgrade, and Fault Recovery Guide.
Oracle Communications Cloud Native Core, Unified Data Repository (UDR) 24.3.0 24.3.0 UDR 24.3.0 supports fresh installation and upgrade from 24.1.x and 24.2.x. For more information, see Oracle Communications Cloud Native Core, Unified Data Repository Installation, Upgrade, and Fault Recovery Guide.

3.2 Compatibility Matrix

The following table lists the compatibility matrix for each network function:

Note:

  • For seamless integration and optimal performance of CNC NFs on third party platform, the third party platform needs to be compatible with the specified Kubernetes version.

Table 3-2 Compatibility Matrix

CNC NF NF Version CNE cnDBTier OSO ASM S/W Kubernetes CNC Console OCNADD OCCM OCI Adaptor
BSF 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.14.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA 24.3.x NA
CNC Console 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 1.14.6
  • 1.11.8
  • 1.9.8
  • 1.30.x
  • 1.29.x
  • 1.28.x
 NA 24.3.x 24.3.x 24.3.x
cnDBTier 24.3.1
  • 24.3.x
  • 24.2.x
  • 24.1.x
 NA NA NA
  • 1.30.x
  • 1.29.x
  • 1.28.x
 NA NA NA NA
cnDBTier 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
 NA NA NA
  • 1.30.x
  • 1.29.x
  • 1.28.x
 NA NA NA NA
CNE 24.3.3 NA NA NA NA 1.30.x NA NA NA NA
CNE 24.3.2 NA NA NA NA 1.30.x NA NA NA NA
CNE 24.3.1 NA NA NA NA 1.30.x NA NA NA NA
CNE 24.3.0 NA NA NA NA 1.30.x NA NA NA NA
NRF 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.14.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x 24.3.x 24.3.x 24.3.x
NSSF 24.3.2
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.1.4.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA NA NA
NSSF 24.3.1
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.1.4.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA NA NA
NSSF 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.1.4.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA NA NA
Policy 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.1.4.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA 24.3.x NA
OCCM 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
 NA NA NA
  • 1.30.x
  • 1.29.x
  • 1.28.x
 23.4.x NA NA NA
OCI Adaptor 24.3.0 NA
  • 24.3.x
  • 24.2.x
  • 24.1.x
 NA NA
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA NA NA
OSO 24.3.1 NA NA NA NA
  • 1.30.x
  • 1.29.x
  • 1.28.x
 NA NA NA NA
OSO 24.3.0 NA NA NA NA
  • 1.30.x
  • 1.29.x
  • 1.28.x
 NA NA NA NA
SCP 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 1.14.6
  • 1.11.8
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x 24.3.x 24.3.x 24.3.x
SEPP 24.3.2
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.14.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA 24.3.x 24.3.x
SEPP 24.3.1
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.14.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA 24.3.x 24.3.x
SEPP 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
 1.14.6
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA 24.3.x 24.3.x
UDR 24.3.0
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 24.3.x
  • 24.2.x
  • 24.1.x
  • 1.1.4.6
  • 1.11.8
  • 1.30.x
  • 1.29.x
  • 1.28.x
 24.3.x NA 24.3.x NA

3.3 3GPP Compatibility Matrix

The following table lists the 3GPP compatibility matrix for each network function:

Table 3-3 3GPP Compatibility Matrix

CNC NF NF Version 3GPP
BSF 24.3.0
  • 3GPP TS 23.501 v18.4.0
  • 3GPP TS 23.502 v18.4.0
  • 3GPP TS 23.503 v18.4.0
  • 3GPP TS 29.500 v18.3.0
  • 3GPP TS 29.510 v18.4.0
  • 3GPP TS 29.510 v17.7.0
  • 3GPP TS 29.513 V18.4.0
  • 3GPP TS 29.521 v18.3.0
  • 3GPP TS 33.501 v18.3.0
CNC Console 24.3.0 NA
cnDBTier 24.3.0 NA
CNE 24.3.x NA
NRF 24.3.0
  • 3GPP TS 29.510 v15.5
  • 3GPP TS 29.510 v16.3.0
  • 3GPP TS 29.510 v16.7
  • 3GPP TS 29.510 v17.7
NSSF 24.3.x
  • 3GPP TS 29.531 v15.5.0
  • 3GPP TS 29.531 v16.5.0
  • 3GPP TS 29.531 v16.8.0
  • 3GPP TS 29.501 v16.10.0
  • 3GPP TS 29.502 v16.10.0
NSSF 24.3.0
  • 3GPP TS 29.531 v15.5.0
  • 3GPP TS 29.531 v16.5.0
  • 3GPP TS 29.531 v16.8.0
  • 3GPP TS 29.501 v16.10.0
  • 3GPP TS 29.502 v16.10.0
OCCM 24.3.0
  • 3GPP TS 33.310-h30
  • 3GPP TR 33.876 v.0.3.0
OSO 24.3.x NA
Policy 24.3.0
  • 3GPP TS 33.501 v17.7.0
  • 3GPP TS 29.500 v17.12.0
  • 3GPP TS 23.501 v17.10.0
  • 3GPP TS 23.502 v17.10.0
  • 3GPP TS 23.503 v17.10.0
  • 3GPP TS 29.504 v17.12.0
  • 3GPP TS 29.507 v17.10.0
  • 3GPP TS 29.510 v17.11.0
  • 3GPP TS 29.512 v17.12.0
  • 3GPP TS 29.513 V17.12.0
  • 3GPP TS 29.514 v17.9.0
  • 3GPP TS 29.214 v17.4.0
  • 3GPP TS 29.518 v17.12.0
  • 3GPP TS 29.519 v17.12.0
  • 3GPP TS 29.520 v17.11.0
  • 3GPP TS 29.521 v17.9.0
  • 3GPP TS 29.525 v17.9.0
  • 3GPP TS 29.594 v17.5.0
  • 3GPP TS 29.519 v15.5.0
  • 3GPP TS 23.203 v16.2.0
  • 3GPP TS 29.212 V16.3.0
  • 3GPP TS 29.213 v16.3
  • 3GPP TS 29.214 v16.2.0
  • 3GPP TS 29.219 v16.0.0
  • 3GPP TS 29.335 v16.0
SCP 24.3.0
  • 3GPP TS 29.500 R16 v16.6.0
  • 3GPP TS 29.501 R16 v16.5.0
SEPP 24.3.x
  • 3GPP TS 23.501 v17.6.0
  • 3GPP TS 23.502 v17.6.0
  • 3GPP TS 29.500 v17.8.0
  • 3GPP TS 29.501 v17.7.0
  • 3GPP TS 29.573 v17.6.0
  • 3GPP TS 29.510 v17.7.0
  • 3GPP TS 33.501 v17.7.0
  • 3GPP TS 33.117 v17.1.0
  • 3GPP TS 33.210 v17.1.0
UDR 24.3.0
  • 3GPP TS 29.505 v15.4.0
  • 3GPP TS 29.504 v16.2.0
  • 3GPP TS 29.519 v16.2.0
  • 3GPP TS 29.511 v17.2.0

Note:

Refer to the Compliance Matrix spreadsheet for details on NFs' compliance with each 3GPP version mentioned in this table.

3.4 Common Microservices Load Lineup

This section provides information about common microservices and ATS for the specific NF versions in Oracle Communications Cloud Native Core Release 3.24.3.

Table 3-4 Common Microservices Load Lineup for Network Functions

CNC NF NF Version Alternate Route Svc App-Info ASM Configuration ATS Framework Config-Server Debug-tool Egress Gateway Ingress Gateway Helm Test Mediation NRF-Client Perf-Info
BSF 24.3.0 24.3.3 24.3.4 24.3.0 24.3.1 24.3.4 24.3.1 24.3.3 24.3.3 24.3.2 NA 24.3.2 24.3.4
CNC Console 24.3.0 NA NA NA NA NA 24.3.1 NA 24.3.3 24.3.2 NA NA NA
OCCM 24.3.0 NA NA NA NA NA 24.3.1 NA NA 24.3.2 NA NA NA
NRF 24.3.0 24.3.3 24.3.3 24.3.0 24.3.1 NA 24.3.1 24.3.3 24.3.3 24.3.2 NA NA 24.3.3
NSSF 24.3.2 24.3.6 24.3.3 24.3.2 24.3.1 24.3.3 24.3.1 24.3.6 24.3.6 24.3.2 NA 24.3.1 24.3.3
NSSF 24.3.1 24.3.3 24.3.3 24.3.1 24.3.1 24.3.3 24.3.1 24.3.3 24.3.3 24.3.2 NA 24.3.1 24.3.3
NSSF 24.3.0 24.3.3 24.3.3 24.3.0 24.3.1 24.3.3 24.3.1 24.3.3 24.3.3 24.3.2 NA 24.3.1 24.3.3
Policy 24.3.0 24.3.3 24.3.5 24.3.0 24.3.1 24.3.5 24.3.1 24.3.3 24.3.3 24.3.2 NA 24.3.2 24.3.5
SCP 24.3.0 NA NA 24.3.0 24.3.1 NA 24.3.1 NA NA 24.3.2 24.3.1 NA NA
SEPP 24.3.2 24.3.5 24.3.3 24.3.0 24.3.1 24.3.3 24.3.1 24.3.5 24.3.5 24.3.2 24.3.1 24.3.4 24.3.3
SEPP 24.3.1 24.3.2 24.3.3 24.3.0 24.3.1 24.3.3 24.3.1 24.3.2 24.3.2 24.3.2 24.3.1 24.3.1 24.3.3
SEPP 24.3.0 24.3.2 24.3.3 24.3.0 24.3.1 24.3.3 24.3.1 24.3.2 24.3.2 24.3.2 24.3.1 24.3.1 24.3.3
UDR 24.3.0 24.3.3 24.3.3 24.3.0 24.3.1 24.3.3 24.3.1 24.3.3 24.3.3 24.3.2 NA 24.3.2 24.3.3

3.5 Security Certification Declaration

This section lists the security tests and the corresponding dates of compliance for each network function:

3.5.1 BSF Security Certification Declaration

Release 24.3.0

Table 3-5 BSF Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Nov 4, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 8, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Nov 4, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Nov 7, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.2 CNC Console Security Certification Declaration

Release 24.3.0

Table 3-6 CNC Console Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 29, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 25, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Oct 28, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Oct 24, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.3 OCCM Security Certification Declaration

Release 24.3.0

Table 3-7 OCCM Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 22, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 22, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Oct 23, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Oct 23, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.4 NRF Security Certification Declaration

Release 24.3.0

Table 3-8 NRF Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 26, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 26, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Oct 26, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Oct 26, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.5 NSSF Security Certification Declaration

Release 24.3.2

Table 3-9 NSSF Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 July 18, 2025 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

July 18, 2025 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

July 18, 2025 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

July 18, 2025 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

Release 24.3.1

Table 3-10 NSSF Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Sep 11, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Sep 11, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Sep 11, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Sep 11, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

Release 24.3.0

Table 3-11 NSSF Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Sep 11, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Sep 11, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Sep 11, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Sep 11, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.6 Policy Security Certification Declaration

Policy 24.3.0

Table 3-12 Policy Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 31, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 22, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Nov 04, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Nov 15, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.7 SCP Security Certification Declaration

SCP 24.3.0

Table 3-13 SCP Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 2, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 21, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Oct 21, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Oct 21, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found or pending during internal security testing.

3.5.8 SEPP Security Certification Declaration

Release 24.3.2

Table 3-14 SEPP Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 April 30, 2025 No unmitigated critical or high findings. Scan done through Fortify.
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

NA No unmitigated critical, high, medium, and low findings. Scan done through RestFuzz.
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

NA No unmitigated critical or high findings. Scan done through Blackduck.
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

April 30, 2025 No issues found. Scan done through McAfee.
Release 24.3.1

Table 3-15 SEPP Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Feb 03, 2025 No unmitigated critical or high findings. Scan done through Fortify.
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

NA No unmitigated critical, high, medium, and low findings. Scan done through RestFuzz.
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

NA No unmitigated critical or high findings. Scan done through Blackduck.
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Feb 04, 2025 No issues found. Scan done through McAfee.
Release 24.3.0

Table 3-16 SEPP Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 24, 2024 No unmitigated critical or high findings. Scan done through Fortify.
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Sep 11, 2024 No unmitigated critical, high, medium, and low findings. Scan done through RestFuzz.
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Oct 24, 2024 No unmitigated critical or high findings. Scan done through Blackduck.
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Oct 25, 2024 No issues found. Scan done through McAfee.

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.5.9 UDR Security Certification Declaration

Release 24.3.0

Table 3-17 UDR Security Certification Declaration

Compliance Test Description Test Completion Date Summary
Static Source Code Analysis

Additional Info: Assesses adherence to common secure coding standards

 Oct 25, 2024 No unmitigated critical or high findings
Dynamic Analysis (including fuzz testing)

Additional Info: Tests for risk of common attack vectors such as OWASP Top 10 and SANS 25

Oct 25, 2024 No unmitigated critical or high findings
Vulnerability Scans

Additional Info: Scans for CVEs in embedded 3rd party components

Oct 25, 2024 No unmitigated critical or high finding
Malware Scans

Additional Info: Scans all deliverable software packages for the presence of known malware

Oct 25, 2024 No findings

Overall Summary: No critical or severity 1 security issues were found during internal security testing.

3.6 Documentation Pack

All documents for Oracle Communications Cloud Native Core (CNC) 3.24.3 are available for download on SecureSites and MOS.

To learn how to access and download the documents from SecureSites, see Oracle users or Non-Oracle users.

To learn how to access and download the documentation pack from MOS, see Accessing NF Documents on MOS.

The NWDAF documentation is available on Oracle Help Center (OHC).