Unspecified Vulnerability in Oracle Retail Xstore Point of Service
CVE-2016-3429

4.5MEDIUM

Key Information:

Vendor: Oracle
Status: Retail Xstore Point Of Service
Vendor: CVE Published:; 21 April 2016

Summary

An unspecified vulnerability exists within the Oracle Retail Xstore Point of Service component in various releases of Oracle Retail Applications. This flaw enables remote authenticated users to potentially compromise the confidentiality and integrity of data processed through the Xstore Services. Attackers can exploit this vulnerability through advanced techniques, putting sensitive information at risk and affecting operational reliability. Organizations using the affected versions should take immediate steps to assess and mitigate potential impacts.

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1035600

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 21, 2016
Vulnerability Reserved
Mar 17, 2016