CVE-2018-2881

Name of the Vulnerable Software and Affected Versions Oracle Retail Applications versions 11.0.x through 13.1.x

Description The issue allows a low-privileged attacker with network access via HTTP to compromise the MICROS Retail-J component. Successful attacks can result in unauthorized access to data, including update, insert, or delete access to some data, as well as unauthorized read access to a subset of data. Additionally, attacks can cause a partial denial of service of the MICROS Retail-J component.

Recommendations For versions 11.0.x through 13.1.x, update to a version that includes a fix for this issue to prevent unauthorized access and potential denial of service.