CBB - ConfigureEnv.Log Contains User's Passwords In Plain Text (Doc ID 1385894.1)

Last updated on MARCH 20, 2019

Applies to:

Oracle Utilities Customer Care and Billing - Version 2.3.1 and later
Information in this document applies to any platform.

Goal

The script configureEnv.sh (or the Windows version configureEnv.cmd) reports plain text passwords in the log file configureEnv.log.

Steps to reproduce:
1) execute configureEnv script, use the menu to change one
of the configurable passwords, press <P> to process.
2) Open the <SPLENVIRON>/logs/system/configureEnv.log with an editor, it shows
the actual encryption command line with the password in plain text.

End of output
111115:100107 <info> About to exec command /software/java/bin/java com.splwg.shared.common.Cryptography -p <PASSWORD>

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

CBB - ConfigureEnv.Log Contains User's Passwords In Plain Text (Doc ID 1385894.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!