Without knowing what problems exist in a system, progress is impossible. Though a Polish company called Security Explorations has recently released a report pointing out security vulnerabilities that can be found in Oracle Java Cloud Service, the result shouldn't be fear among Oracle users, but a drive to seek out solutions if these flaws pose a threat to your mainframe access and IT modernization efforts.
The text of the report describes in detail 28 "issues" that the company found within Oracle's cloud, as well as several other weaknesses. The Java Cloud system can reportedly be accessed relatively easily by potential attackers, and the company ran its own tests to demonstrate how these kinds of exploitations and attacks could be executed in different scenarios.
The press release on this report takes Oracle to task for allowing such security flaws to be present in their systems.
"The nature of the weaknesses identified in Oracle's service indicates that it was not a subject of a thorough security review and penetration testing prior to the public offering," the statement reads. "They illustrate known and widely discussed security risks related to Java. They also expose weak understanding of Java security model and its attack techniques by Oracle engineers."
IT World noted that the company has informed Oracle of its security problems in the past, at least for some of the flaws found earlier this year.
The web-based terminal emulators your business may be using are probably obsolete once the risks posed by Java are fully understood. Your business might find it necessary to turn to a pure HTML terminal emulator soon, to avoid the security faults found even in well-known services like Oracle and Java.