Oracle E-Business Suite Credential Exposure Vulnerability
Last Revised
Oracle E-Business Suite 12.0-12.1, when used with native login pages or single sign-on (SSO) / Oracle Access Management (OAM) with native login pages, contains a credential exposure vulnerability. An authenticated attacker with appropriate database or operating system privileges can read credentials from database logs.
Oracle has released software updates that address this vulnerability.
US-CERT encourages administrators to review this Vulnerability Note VU#826463 and follow best security practices to determine if their organization is affected and the appropriate response.
This product is provided subject to this Notification and this Privacy & Use policy.