CVE-2018-2887

3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.5%

top 34.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Micros Retail-j Oracle Micros Retail-j

Timeline

PublishedOct 17

Latest updateMay 13

Description

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office). Supported versions that are affected are 13.0.0 and 12.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS Retail-J. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MICROS Retail-J accessible data as well as unauthorized read access to a subset of MICROS Retail-J…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

▶NVDoracle/micros_retail-j12.1.2, 13.0.0+1

▶CVEListV5oracle_corporation/micros_retail-j12.1.2, 13.0.0+1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-8xgx-x9qh-pf23: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office)↗2022-05-13

▶

CVEList

CVE-2018-2887: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office)↗2018-10-17

▶