Anonymous User Login Will Be Disabled in Oracle iReceivables After 2023/2024 Security Patching
(Doc ID 2983600.1)
Last updated on MAY 20, 2024
Applies to:
Oracle iReceivables - Version 12.1 to 12.2 [Release 12.1 to 12.2]Information in this document applies to any platform.
Symptoms
The Anonymous User Login feature for Oracle iReceivables will be permanently disabled due to security reasons. After quarterly security patches are applied, the following message will appear when trying to access the AnonymousLogin.jsp:
The requested feature is no longer supported
Navigation: Access the AnonymousLogin.jsp
- Prior to security patching, the window will prompt the user for an account number. If the user enters the correct account number, they are allowed access to that customers data with no validation.
- If the user doesn't know the account number, they can randomly input number and could possibly enter a random number and access a different customers data with no validation.
- After security patching, the AnonymousLogin.jsp is permanently disabled.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |