Man In The Middle Attacks With SSL Enabled
(Doc ID 2769264.1)
Last updated on MAY 03, 2021
Applies to:Oracle API Platform Cloud Service - Version N/A and later
Information in this document applies to any platform.
The problem is that even with SSL enabled in the APIs from OIC, Interceptor tools like Burp are able to intercept the REST call from VBCS to OIC and modify the contents.
This is not an expected behavior with SSL enabled.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document