My Oracle Support Banner

AP: TIN Matching Inquiry Shows Rows To Unauthorized Users (Doc ID 2421961.1)

Last updated on FEBRUARY 03, 2019

Applies to:

PeopleSoft Enterprise FIN Payables - Version 9.2 and later
Information in this document applies to any platform.


On : 9.2 version, General

Users are shown information related to SetIDs that they were not authorized to access.

The issue can be reproduced at will with the following steps:
1. Set Security Options
  - Select User ID Level Security for Type of Security and Setid under Secured Fields
2. Define the Setid accessible by a user. In this example Setid defined for the user VP2 is SHR02.
3. Run Apply Security Setups
4. Logout and login as VP2
5. Test the changes by navigating to Supplier > Supplier Information > Maintain >TIN Matching Inquiry > Extract TIN Matching File
6. Click Look up for Setid
  - Notice that it is showing only SHR02 which is correct
7. Leave the Setid search parameter as blank
8. Click Search.
  - The result shows rows with Setid that was not defined for the user.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.