ID CVE-2018-3126
Summary Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in takeover of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
References
Vulnerable Configurations
  • Oracle Retail Xstore Point Of Service 15.0.2
    cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.2
  • Oracle Retail Xstore Point Of Service 16.0.4
    cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.4
  • Oracle Retail Xstore Point Of Service 17.0.2
    cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.2
CVSS
Base: 6.0
Impact:
Exploitability:
refmap via4
bid 105596
confirm http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Last major update 16-10-2018 - 21:31
Published 16-10-2018 - 21:31
Last modified 02-10-2019 - 20:03
Back to Top