Am 15.07.26 um 11:10 schrieb Anushka sur:
We have identified a VAPT issue in our Oracle APEX application deployed on
ORDS 24.1.11 running on Apache Tomcat 9.0.11.
...
Please investigate and suggest the required configuration or remediation
steps.
Anushka,
Have you already checked if this is still reproducible on a Tomcat
version that was published after 2018, e.g. the latest one, published
about a week ago? (Also, have you checked which other - potentially even
more dramatic security-related issues - might have been fixed in the
past 8 years since 9.0.11 was released?)
Those would be steps 1 (and likely 2, for upgrading) of the recommended
remediation steps.
Best,
Olaf
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]