My Oracle Support Banner

Weak Cryptographic Hashes Being Used In Soft Token App (Doc ID 2810860.1)

Last updated on SEPTEMBER 30, 2021

Applies to:

Oracle Banking Digital Experience - Version 20.1.0.0.0 to 21.1.0.0.0 [Release 20 to 21]
Information in this document applies to any platform.

Symptoms

ACTUAL BEHAVIOR
---------------
The present cryptographic hashes used in the application are susceptible to attacks and hence have been marked as obsolete as per the latest coding standards.

EXPECTED BEHAVIOR
-----------------------
SA-256 or above to be used to perform one way hashing for better security and integrity of data.

STEPS
-----------------------

There are no steps as such. This is a vulnerability that has been highlighted by the Bank security team.

BUSINESS IMPACT
-----------------------
The issue has the following business impact:
Due to this issue, Bank users feel that the applivcation is vulnerable to attacks.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.