Disable UDDI Access
(Doc ID 2891186.1)
Last updated on MAY 31, 2024
Applies to:
Oracle Utilities Customer Care and Billing - Version 2.4.0.1.0 and laterInformation in this document applies to any platform.
Goal
On : 2.4.0.1.0 version, ENV - Environment
Disable UDDI access
Spin-off from SR 3-30348295551 : Disable UDDI access
We have received Vulnerability testing report and it has been identified that SearchPublicRegistries.jsp in Weblogic is vulnerable to SSRF (Server Side Request Forgery) and other issues.
Request procedure to remove this vulnerability.
Our weblogic version is 10.3.6 and we are running Oracle CC&B (Customer Care and Billing) application version 2.4.0.1 on top of it.
User will be applying the patches as per Oracle documentation and siabling UDDI as per Oracle documentation. Please answer the questions below:
1. From CC&B perspective if UDDI is used in any CC&B modules?
2. Will there be any adverse affect on the application itself if UDDI is disabled.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |