Unauthenticated Access Vulnerability in MICROS Retail-J from Oracle
CVE-2018-2889
7.5HIGH
Summary
A serious vulnerability exists in MICROS Retail-J, a component of Oracle Retail Applications, which allows an unauthenticated attacker to gain unauthorized access to sensitive data over HTTP. This issue affects version 12.1.2 of MICROS Retail-J and can lead to significant data breaches, compromising confidentiality and enabling attackers to interact with all data that MICROS Retail-J can access.
Affected Version(s)
MICROS Retail-J 12.1.2
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved