Attention: To align with new corporate security policies, and to match policies adopted by other communities within Oracle, the My Oracle Support Community access requirements will change beginning September 18, 2025. MOSC will now require that member accounts in our community be associated to a *corporate* email address. This means that users with generic domains (such as gmail.com, yahoo.com, and others) will no longer be granted access to the discussion forums and ideas labs. If this policy affects you, act now to change the email address that is associated with your Oracle (and community) account. Alternatively, you can opt to create a new Oracle account that uses your corporate email domain.

Primavera (MOSC)

Security Hardening Guidance for Primavera P6 EPPM (WebLogic & DB Configuration)

Sep 18, 2025 5:02AM edited Sep 18, 2025 5:04AM in Primavera (MOSC) 1 commentAnswered

We are performing an internal security vulnerability assessment for Primavera P6 EPPM.
Could you provide official guidance or documentation on:

How to verify and disable anonymous/guest authentication in WebLogic used by P6 EPPM.
How to check if plaintext system accounts exist in configuration files and the recommended way to encrypt or remove them.
How to ensure database connection strings and passwords are encrypted (e.g., in datasource configuration files).

Are the above items acceptable even with the default settings?

0

Howdy, Stranger!

To view full details, sign in to My Oracle Support Community.

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month