Remote Authentication Vulnerability in Oracle Retail Central Office by Oracle
CVE-2013-2397

Currently unrated

Key Information:

Vendor: Oracle
Status: Industry Applications
Vendor: CVE Published:; 17 April 2013

Summary

A vulnerability exists within the Oracle Retail Central Office component of Oracle Industry Applications, which allows remote authenticated users to potentially compromise sensitive information and application integrity. This security flaw affects versions 13.1 to 13.4, particularly through mechanisms related to Customer Operations, including actions like adding and searching for customer data. If left unaddressed, this vulnerability poses significant risks to data confidentiality and operational integrity.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Timeline

Vulnerability published
Apr 17, 2013
Vulnerability Reserved
Mar 5, 2013