"[2000088] Found Security Vulnerability" Error When Adding a New Payment Pattern

(Doc ID 2407951.1)

Last updated on JUNE 28, 2018

Applies to:

Oracle Financial Services Funds Transfer Pricing - Version 8.0.5 and later
Oracle Financial Services Asset Liability Management - Version 8.0.5 and later
Information in this document applies to any platform.
FTP - Oracle Financial Services Funds Transfer Pricing
OFSAAI - Oracle Financial Services Analytical Application Infrastructure

Symptoms

When adding a new Payment Pattern, the opened screen states "[2000088] Found security vulnerability"

The interface is also crashing with the following error in the fsapps.log from WEBSERVER log path:


Error:
[10-05-18 14:58:58 PM] ~ DEBUG ~ FSAPPS ~ [COMMONAPP] Infodom :FICMASTER
[10-05-18 14:58:58 PM] ~ ERROR ~ FSAPPS ~ ****** VALIDATION FAILED in isValidNumber function*****
[10-05-18 14:58:58 PM] ~ ERROR ~ FSAPPS ~ Input: is not a valid number
[10-05-18 15:03:56 PM] ~ DEBUG ~ FSAPPS ~ [COMMONAPP] Infodom :FICMASTER
[10-05-18 15:03:56 PM] ~ ERROR ~ FSAPPS ~ ****** VALIDATION FAILED in isValidNumber function*****
[10-05-18 15:03:56 PM] ~ ERROR ~ FSAPPS ~ Input: is not a valid number

UI Error:

Steps to Replicate:

  1. Applied the following patches:
    <Patch 27238526> REFLECTIVE CROSS SITE SCRIPTING AND SQL INJECTION ISSUES IN FTP
    <Patch 27705719> TRACTOR FTP IS NOT WORKING ON ROLL PORTFOLIO STEP > BLANK POPUP IN BEHAVIOR PATTERN
  2. Navigate to  FTP Maintenance -> Patterns -> Payment Patterns -> Add a Payment Patterns then error occurred.

Changes

Applied the following patches:
Patch 27238526 REFLECTIVE CROSS SITE SCRIPTING AND SQL INJECTION ISSUES IN FTP
Patch 27705719 TRACTOR FTP IS NOT WORKING ON ROLL PORTFOLIO STEP > BLANK POPUP IN BEHAVIOR PATTERN

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms