CVE-2018-2882

3 documents3 sources

Severity

7.7HIGH

EPSS

0.2%

top 54.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Micros Retail-j Oracle Micros Retail-j

Timeline

PublishedJul 18

Latest updateMay 13

Description

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Interfaces). Supported versions that are affected are 10.2.x, 11.0.x, 12.0.x,12.1.x, 12.1.1.x,12.1.2.x and 13.1.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise MICROS Retail-J. While the vulnerability is in MICROS Retail-J, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized …

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:NExploitability: 3.1 | Impact: 4.0

Affected Packages2 packages

▶NVDoracle/micros_retail-j6 versions+5

▶CVEListV5oracle_corporation/micros_retail-j7 versions+6

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-4c9x-pr4f-c2j8: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Interfaces)↗2022-05-13

▶

CVEList

CVE-2018-2882: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Interfaces)↗2018-07-18

▶