Last week, we begin a blogpost series with the objective of reviewing Oracle E-Business Suite Security. The first publication detailed how to activate the Server Security Feature, and in today’s post we will focus on password hashing. We will analyze the different types of hashing and how it is implemented in Oracle E-Business Suite.
As most of our regular readers may know, the Onapsis Research Labs have been working on developing Oracle Security for several months. We’ve done this by updating our readers with analysis on quarterly patch updates, and to date have released over one hundred advisories for this platform. In our continous goal to provide the industry with greater resources to secure their business critical applications, starting today we will be publishing a series of weekly blog posts focusing on different areas of protecting Oracle E-Business Suite.
As with the second Tuesday of every month, today SAP released its monthly Security Notes to keep your SAP infrastructure secure. This month, SAP published 18 new security notes, and released 11 security notes that were published after May 9th (last patch tuesday), totaling 29 notes that will be analyzed in this post. For the second month in a row there aren’t any notes tagged as Hot News; the most critical risk category that SAP has catalogued for newly discovered vulnerabilities.
Implement newly released SAP Security Note: 2473454 to confirm your SAP systems are protected.
As with the second Tuesday of every month, today SAP released its monthly Security Notes to keep your SAP infrastructure secure. This month, SAP published 14 new Security Notes with only one note tagged as High Priority. However, of these 14 notes, four of them are updates to previous publications. Based on the number of fixed vulnerabilities, and the criticality of each, it’s safe to say that this is not a critical patch day for SAP compared to previous months.