Oracle · Oracle Retail Xstore Office · CVE-2024-21136
Name of the Vulnerable Software and Affected Versions:
Oracle Retail Xstore Office versions 19.0.5, 20.0.3, 20.0.4, 22.0.0, and 23.0.1
Description:
The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Office, potentially resulting in unauthorized access to critical data or complete access to all Oracle Retail Xstore Office accessible data. While the vulnerability is in Oracle Retail Xstore Office, attacks may significantly impact additional products.
Recommendations:
For versions 19.0.5, 20.0.3, 20.0.4, 22.0.0, and 23.0.1, update to a version that includes the fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.