Integrity Enhancement: Password Should Be Encrypted In Application And Database
Last updated on MARCH 07, 2016
Applies to:Oracle Communications Network Integrity - Version 3.6.0 and later
Information in this document applies to any platform.
This problem can occur on any platform.
-- Problem Statement:
The application and database stores the authentication credentials of database and application
users (respectively) in plain text. The following are the identified areas where the application
and database is storing in the plain text and requires enhancement for encryption.
1. User Credentials are transmitted over the wire in plain text
2. User Credentials of Thin client user in plain text ( in database)
3. User Credentials are stored in the plain text in the Installer properties file.
4. In the Application and DB installer, UI is showing the user credentials in the plain text.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms