Unspecified Vulnerability in Oracle Retail Applications
CVE-2016-5476

7.6HIGH

Key Information:

Vendor
Oracle
Status
Retail Integration Bus
Vendor
CVE Published:
21 July 2016

Summary

A vulnerability exists within the Oracle Retail Integration Bus component of Oracle Retail Applications that allows remote authenticated users to potentially compromise confidentiality, integrity, and availability. This issue stems from specific vectors related to installation processes, creating a risk for organizations utilizing affected versions. It is crucial for users of Oracle Retail Applications to ensure they are updated with the latest security patches to mitigate potential exploitation.

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036397
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/91787
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.