Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Retail_xstore_point_of_service
(Oracle)| Repositories | https://github.com/bcgit/bc-java |
| #Vulnerabilities | 124 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-12-01 | CVE-2017-15707 | In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. | Struts, Oncommand_balance, Agile_plm_framework, Enterprise_manager_for_virtualization, Financial_services_hedge_management_and_ifrs_valuations, Financial_services_market_risk_measurement_and_management, Global_lifecycle_management_opatchauto, Jd_edwards_enterpriseone_tools, Retail_order_broker, Retail_xstore_point_of_service, Webcenter_portal, Weblogic_server | 6.2 | ||
| 2018-10-16 | CVE-2018-3126 | Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in takeover of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (Confidentiality,... | Retail_xstore_point_of_service | 6.6 | ||
| 2018-04-19 | CVE-2018-2840 | Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.5.11, 7.0.6, 7.1.6, 15.0.1 and 16.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result... | Retail_xstore_point_of_service | 7.6 | ||
| 2016-04-21 | CVE-2016-3429 | Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Xstore Services. | Retail_xstore_point_of_service | 4.5 |