Vulnerability in Oracle Retail Applications Affecting Confidentiality and Integrity
CVE-2016-3611

5.4MEDIUM

Key Information:

Vendor
Oracle
Status
Retail Order Broker Cloud Service
Vendor
CVE Published:
21 July 2016

Summary

An unspecified vulnerability exists within the Oracle Retail Order Broker component of Oracle Retail Applications 15.0. This flaw allows remote attackers to impact the confidentiality and integrity of the system, particularly through vectors associated with system administration. Organizations utilizing this version of Oracle Retail Applications should ensure that they review their security posture and implement any necessary mitigations to protect sensitive data.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036397
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.