PT-2018-15769 · Oracle · Oracle Retail Merchandising System

Published

2018-01-18

Updated

2019-10-03

CVE-2018-2730

CVSS v3.1

6.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Oracle Retail Merchandising System version 16.0

Description The issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle Retail Merchandising System. Successful attacks can result in unauthorized update, insert, or delete access to some of the system's accessible data, as well as unauthorized read access to a subset of the system's accessible data.

Recommendations For Oracle Retail Merchandising System version 16.0, update to a version that includes the fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-2730

Affected Products

Oracle Retail Merchandising System

PT-2018-15769 · Oracle · Oracle Retail Merchandising System

CVE-2018-2730

Related Identifiers

Affected Products

References · 4