Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Infrastructure). Supported versions that are affected are 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Point-of-Service accessible data as well as unauthorized read access to a subset of Oracle Retail Point-of-Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Point-of-Service. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle Retail Applications Retail Point-of-Service 访问控制错误漏洞
Vulnerability Description
Oracle Retail Applications是美国甲骨文(Oracle)公司的一套零售应用商店解决方案。该产品包括库存管理、销售管理和客户管理等。Retail Point-of-Service是其中的一个零售服务点管理组件。 Oracle Retail Applications中的Retail Point-of-Service组件13.4版本、14.0版本和14.1版本的Infrastructure子组件存在安全漏洞。攻击者可利用该漏洞未授权读取、更新、插入或删除数据,造成拒绝服务,影响数据的保密
CVSS Information
N/A
Vulnerability Type
N/A