Database Vulnerability in Oracle Retail Applications Affecting MICROS Retail-J
CVE-2018-2881

6.3MEDIUM

Key Information:

Vendor: Oracle
Status: Micros Retail-j
Vendor: CVE Published:; 18 July 2018

What is CVE-2018-2881?

A vulnerability exists in the MICROS Retail-J component of Oracle Retail Applications, allowing low privileged attackers with network access via HTTP to manipulate MICROS Retail-J data. Successful exploitation could lead to unauthorized updates, inserts, or deletions, as well as unauthorized read access to specific data sets, and may also enable attackers to partially disrupt the service. This presents significant risks to the confidentiality, integrity, and availability of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MICROS Retail-J 11.0.x

MICROS Retail-J 12.0.x

MICROS Retail-J 12.1.x

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/104822

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 18, 2018
Vulnerability Reserved
Dec 15, 2017

JSON

Oracle