CVE-2019-2884

Name of the Vulnerable Software and Affected Versions Oracle Retail Customer Management and Segmentation Foundation version 17.0

Description The issue is related to a lack of protection for service data in the Segment component of the Oracle Retail Customer Management and Segmentation Foundation software. This can be exploited by a remote attacker to gain unauthorized access to protected information via the HTTP protocol. Successful attacks can result in unauthorized access to critical data.

Recommendations For version 17.0, update to a version that includes a fix for this issue to prevent unauthorized access to critical data. As a temporary workaround, consider restricting access to the Segment component to minimize the risk of exploitation.