CVE-2018-2888

4 documents4 sources
Severity
6.7MEDIUM
EPSS
0.2%
top 62.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Micros Retail-jOracle Micros Retail-j
Timeline
PublishedJul 18
Latest updateMay 13

Description

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office). Supported versions that are affected are 10.2.x, 11.0.x, 12.0.x, 12.1.x, 12.1.1.x,12.1.2.x and 13.1.x. Difficult to exploit vulnerability allows physical access to compromise MICROS Retail-J. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MICROS Retail-J, attacks may significantly impact additional products. Successful att

CVSS vector

CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:LExploitability: 0.2 | Impact: 6.0

Affected Packages2 packages

NVDoracle/micros_retail-j6 versions+5
CVEListV5oracle_corporation/micros_retail-j7 versions+6

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-px33-mmj4-xghq: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office)2022-05-13
CVEList
CVE-2018-2888: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office)2018-07-18

💬Community

1
Bugzilla
CVE-2018-18385 rubygem-asciidoctor: Infinite loop in the #next_block method2018-10-18
CVE-2018-2888 (MEDIUM CVSS 6.7) | Vulnerability in the MICROS Retail- | cvebase.io