My Oracle Support Banner

UPK 12.1: Fixing Security Misconfiguration With UPK Knowledge Center (Doc ID 2259768.1)

Last updated on FEBRUARY 04, 2019

Applies to:

User Productivity Kit - Version 12.1.0.1 to 12.1.0.1 [Release 12.1]
Information in this document applies to any platform.

Goal

Oracle UPK Knowledge Center needs to meet the required security standards as a web based application.

The assessment was performed for vulnerabilities relevant to the OWASP Top 10 from 2013. The Vulnerabilities detected under "Security Misconfiguration" classification are as below:


1. Missing "content Security Policy” Header
2. Missing x-Content type option header
3. Missing "XSS Protection Header"
4. Missing HTTP Strict transport security Header
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.