SQL Injection Vulnerability Found In OFSAA Application (Doc ID 3003571.1)

Last updated on FEBRUARY 15, 2024

Applies to:

Oracle Financial Services Behavior Detection Platform - Version 8.0 and later
Information in this document applies to any platform.

We have OFSAA installed in AWS VM(RHEL8) and Webserver is deployed on tomcat front-ended by Apache HTTP server.

While executing penetration test customer found SQL Injection vulnerability.

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Symptoms

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.