CVE-2013-3749

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 11.5.10.2, 12.0.6, 12.1.3

Description The issue affects confidentiality and is related to Logging in the Oracle Application Object Library component. It is reported that the problem might be caused by the storage of credentials in the FND LOG MESSAGES database table or log files by native login pages. However, Oracle has not confirmed this information.

Recommendations For Oracle E-Business Suite version 11.5.10.2, update to a version that includes the July 2013 CPU fixes. For Oracle E-Business Suite version 12.0.6, update to a version that includes the July 2013 CPU fixes. For Oracle E-Business Suite version 12.1.3, update to a version that includes the July 2013 CPU fixes.