Security Fixes

Mitigation of Internal Privilege Escalation Vulnerability

Addressed a privilege escalation vulnerability that allowed one authorized user to gain elevated privileges over another user within the same system. This issue did not involve access by unauthorized third parties.

Enhancing Security: Update of Oracle OS Libraries and Dependencies

Updated critical Oracle OS libraries and dependencies to their latest secure versions. Regular hotfixes will be released to address vulnerabilities in outdated packages and mitigate risks.

Strengthened Web Security with Enhanced Security Headers

Improved the implementation of security headers like X-Frame-Options, Content-Security-Policy, and X-Content-Type-Options to defend against XSS, clickjacking, and MIME-type mismatch attacks.

Enhanced Access Control Security

Addressed vulnerabilities in access control by enhancing object-level permission validation and implementing robust role-based access controls (RBAC) to prevent unauthorized actions.

Hardened Self-Service Portal Security

Fixed security vulnerabilities in the self-service portal by improving input validation, error handling, and overall operational security.

Strengthening Session Management Security

Improved session management by implementing secure cookie attributes (HttpOnly, Secure, SameSite) and establishing robust session expiration policies to mitigate session hijacking and fixation attacks.
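
One way to confirm after upgrading that the security headers and session cookie attributes named in these notes are actually being sent. This is an added example, not code from the product; the function names, the cookie name SESSIONID and both sample responses are constructed for illustration, and flagging SameSite=None is a choice made by this example.

```python
# Added example: audit a captured HTTP response for the headers and cookie
# attributes named in these release notes. All sample data is constructed.
REQUIRED_HEADERS = ("x-frame-options", "content-security-policy", "x-content-type-options")
REQUIRED_COOKIE_ATTRS = ("httponly", "secure", "samesite")

def audit_cookie(set_cookie_value):
    """Return (cookie_name, [problems]) for one Set-Cookie header value."""
    parts = [p.strip() for p in set_cookie_value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    problems = [f"missing {a}" for a in REQUIRED_COOKIE_ATTRS if a not in attrs]
    # SameSite=None permits cross-site sending, so this example reports it.
    if attrs.get("samesite", "").lower() == "none":
        problems.append("SameSite=None")
    return name, problems

def audit_response(headers):
    """headers: list of (name, value) pairs; Set-Cookie may appear repeatedly."""
    seen = {}
    for name, value in headers:
        seen.setdefault(name.lower(), []).append(value)
    findings = [f"header {h}: missing" for h in REQUIRED_HEADERS if h not in seen]
    xcto = seen.get("x-content-type-options")
    if xcto and xcto[0].strip().lower() != "nosniff":
        findings.append("header x-content-type-options: expected nosniff")
    xfo = seen.get("x-frame-options")
    if xfo and xfo[0].strip().lower() not in ("deny", "sameorigin"):
        findings.append("header x-frame-options: expected DENY or SAMEORIGIN")
    for raw in seen.get("set-cookie", []):
        cname, problems = audit_cookie(raw)
        findings.extend(f"cookie {cname}: {p}" for p in problems)
    return findings

# Constructed sample responses (not captured from any real system).
WEAK = [("Content-Type", "text/html"),
        ("X-Content-Type-Options", "sniff"),
        ("Set-Cookie", "SESSIONID=abc123; Path=/; Secure")]
HARDENED = [("X-Frame-Options", "DENY"),
            ("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'"),
            ("X-Content-Type-Options", "nosniff"),
            ("Set-Cookie", "SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Strict")]

if __name__ == "__main__":
    for label, resp in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_response(resp) or "no findings")
```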

Enhanced Endpoint Security Through Improved Device Detection

Improved the logic for detecting endpoint devices to ensure accurate identification and validation of device attributes, significantly enhancing endpoint security.