Employee Home Phone Are Exposed In Isupport causing Security Risks
(Doc ID 1116957.1)
Last updated on MAY 19, 2020
Applies to:Oracle Teleservice - Version 12.0.6 to 12.0.6 [Release 12]
Information in this document applies to any platform.
On : 12.0.6 version, in iSupport, Find that when adding contacts, Home Phone Number of the employee in the selection list are displaying. Occasionally fails with Error: java.sql.SQLException: ORA-00907: missing right parenthesis.
Do not expect to see employee home phone numbers to be shown. this needs a fix to this security issue.
The issue can be reproduced at will with the following steps:
1. Responsibility iSupport Employee User > iSupport
2. Create a Service Request
3. Create an alternative contact person.
4. Locate a random person
5. One can view that persons personal details - Home phone numbers.
Personal phone numbers of contacts should not be displayed in iSupport when creating Service Requests.
Due to this issue, users security is impaired.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document