N/A

Vulnerability in the Oracle Retail Sales Audit component of Oracle Retail Applications (subcomponent: Operational Insights). Supported versions that are affected are 15.0 and 16.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Sales Audit. While the vulnerability is in Oracle Retail Sales Audit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Sales Audit accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Sales Audit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Sales Audit. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L).

N/A

N/A

Oracle Retail Applications Retail Sales Audit组件安全漏洞

Oracle Retail Applications是美国甲骨文（Oracle）公司的一套零售应用商店解决方案。Retail Sales Audit是其中的一个审计组件。 Oracle Retail Applications 15.0版本和16.0版本中的Retail Sales Audit组件的Operational Insights子组件存在安全漏洞。攻击者可利用该漏洞未授权访问、更新、插入或删除数据，造成拒绝服务，影响数据的保密性、完整性和可用性。

N/A

N/A