Vulnerability in Oracle Retail Customer Management and Segmentation Foundation
CVE-2019-2884

5.9MEDIUM

Key Information:

Vendor: Oracle
Status: Retail Customer Management And Segmentation Foundation
Vendor: CVE Published:; 16 October 2019

Summary

A vulnerability exists in the Oracle Retail Customer Management and Segmentation Foundation product that allows an unauthenticated attacker to access the system via HTTP. This weakness poses significant risks, including unauthorized access to sensitive data stored within the application. Exploitation of this vulnerability could potentially lead to complete compromise of the data accessible through the Oracle Retail Customer Management and Segmentation Foundation service.

Affected Version(s)

Retail Customer Management and Segmentation Foundation 17.0

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 16, 2019
Vulnerability Reserved
Dec 14, 2018