CVE-2015-0390
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
Unspecified vulnerability in the MICROS Retail component in Oracle Retail Applications Xstore: 3.2.1, 3.4.2, 3.5.0, 4.0.1, 4.5.1, 4.8.0, 5.0.3, 5.5.3, 6.0.6, and 6.5.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Xstore Point of Sale.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| oracle | retail_applications_xstore | 3.2.1 | |
| oracle | retail_applications_xstore | 3.4.2 | |
| oracle | retail_applications_xstore | 3.5.0 | |
| oracle | retail_applications_xstore | 4.0.1 | |
| oracle | retail_applications_xstore | 4.5.1 | |
| oracle | retail_applications_xstore | 4.8.0 | |
| oracle | retail_applications_xstore | 5.0.3 | |
| oracle | retail_applications_xstore | 5.5.3 | |
| oracle | retail_applications_xstore | 6.0.6 | |
| oracle | retail_applications_xstore | 6.5.2 | |
References
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.securityfocus.com/bid/72247
- http://www.securitytracker.com/id/1031591
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100138
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.securityfocus.com/bid/72247
- http://www.securitytracker.com/id/1031591
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100138
Verify integrity in audit chain (admin only). AS-IS.