Vulnerability in Oracle Retail Customer Management and Segmentation Foundation
CVE-2020-2649

3.3LOW

Key Information:

Vendor: Oracle
Status: Retail Customer Management And Segmentation Foundation
Vendor: CVE Published:; 15 January 2020

Summary

A low privileged attacker with access to the infrastructure running Oracle Retail Customer Management and Segmentation Foundation can exploit a vulnerability in the product, potentially gaining unauthorized read access to sensitive data. This issue affects version 16.0, and successful attacks may lead to compromised data confidentiality.

Affected Version(s)

Retail Customer Management and Segmentation Foundation 16.0

References

https://www.oracle.com/security-alerts/cpujan2020.html

x_refsource_MISC

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 15, 2020
Vulnerability Reserved
Dec 10, 2019