Need to know the status of VAPT findings as per report published on 25th Apr'23

edited Sep 28, 2023 8:29AM in Human Capital Management 6 comments

Summary:

Regarding "PENETRATION TEST EXECUTIVE SUMMARY REPORT WEB APPLICATION | ORACLE FUSION 22A" VAPT report, there were 2 open findings, pasted below:

3. Vulnerable JavaScript Dependency (Vendor Rating – Medium | CVSS – 6.1)

Mitigation: This finding is being tracked by ticket 35083980 and is scheduled to be resolved in the 23C release.

4. User Enumeration in Oracle Social Network (Vendor Rating – Low | CVSS – 4.3)

Mitigation: This finding was tracked by ticket 31711679 and deemed an operational requirement.

We need to know the status of the same. Our Auditor needs an update on these findings. Attaching the VAPT report for reference.

Content (required): VAPT

Version (include the version you are using, if applicable): 23C
