Sensitive Information Can Be Manipulated (Doc ID 2626670.1)

Last updated on JUNE 21, 2021

Applies to:

Oracle FLEXCUBE Universal Banking - Version 12.4.0.0.0 and later
Information in this document applies to any platform.

Symptoms

On : 12.4.0.0.0 version, Production Support-SET

Sensitive information is coming in STDACCLO screen.

STEPS

The application reveals sensitive or excessive information which is not required otherwise or not consumed at client side. This additional information gives attacker significant advantage to mount other attacks or understand about application logic. This includes confidential or PII information such as full account or card numbers, application stack trace, server side errors, unexpected application behavior, descriptive error messages etc.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Symptoms

Cause

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Sensitive Information Can Be Manipulated (Doc ID 2626670.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!