My Oracle Support Banner

Sensitive Information Can Be Manipulated (Doc ID 2626670.1)

Last updated on JANUARY 06, 2020

Applies to:

Oracle FLEXCUBE Universal Banking - Version 12.4.0.0.0 and later
Information in this document applies to any platform.

Symptoms

On : 12.4.0.0.0 version, Production Support-SET


Sensitive information is coming in STDACCLO screen.

STEPS

The application reveals sensitive or excessive information which is not required otherwise or not consumed at client side. This additional information gives attacker significant advantage to mount other attacks or understand about application logic. This includes confidential or PII information such as full account or card numbers, application stack trace, server side errors, unexpected application behavior, descriptive error messages etc.


Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.