CVE-2018-3115

Name of the Vulnerable Software and Affected Versions Oracle Retail Sales Audit versions 15.0 through 16.0

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Retail Sales Audit. Successful attacks can result in unauthorized access to critical data, complete access to all Oracle Retail Sales Audit accessible data, as well as unauthorized update, insert, or delete access to some of Oracle Retail Sales Audit accessible data. Additionally, it can cause a partial denial of service of Oracle Retail Sales Audit.

Recommendations For versions 15.0 and 16.0, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.