Disable UDDI Access
(Doc ID 2891186.1)
Last updated on AUGUST 23, 2022
Applies to:Oracle Utilities Customer Care and Billing - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
On : 22.214.171.124.0 version, ENV - Environment
Disable UDDI access
Spin-off from SR 3-30348295551 : Disable UDDI access
We have received Vulnerability testing report and it has been identified that SearchPublicRegistries.jsp in Weblogic is vulnerable to SSRF (Server Side Request Forgery) and other issues.
Request procedure to remove this vulnerability.
Our weblogic version is 10.3.6 and we are running Oracle CC&B (Customer Care and Billing) application version 126.96.36.199 on top of it.
User will be applying the patches as per Oracle documentation and siabling UDDI as per Oracle documentation. Please answer the questions below:
1. From CC&B perspective if UDDI is used in any CC&B modules?
2. Will there be any adverse affect on the application itself if UDDI is disabled.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document