EM 13C:AlwaysOn Monitoring Vulnerability (Doc ID 3073429.1)

Last updated on FEBRUARY 25, 2025

Applies to:

Enterprise Manager Base Platform - Version 13.5.0.0.0 and later
Information in this document applies to any platform.

Symptoms

security team have found the following issue with Always on Monitoring.

The web server is configured to allow one or more of the following HTTP methods (not limited to):
- HEAD - PUT- DELETE - TRACE

Many of these methods are designed to aid developers in deploying and testing HTTP applications. These HTTP methods can be used for nefarious purposes if the web server is misconfigured.

Changes

None

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

EM 13C:AlwaysOn Monitoring Vulnerability (Doc ID 3073429.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!