CVE-2018-2889

3 documents3 sources

Severity

7.5HIGH

EPSS

1.3%

top 20.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Micros Retail-j Oracle Micros Retail-j

Timeline

PublishedOct 17

Latest updateMay 13

Description

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Internal Operations). The supported version that is affected is 12.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS Retail-J. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MICROS Retail-J accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vect…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDoracle/micros_retail-j12.1.2

▶CVEListV5oracle_corporation/micros_retail-j12.1.2

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-4w7f-m4fh-89h2: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Internal Operations)↗2022-05-13

▶

CVEList

CVE-2018-2889: Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Internal Operations)↗2018-10-17

▶