CVE-2017-10065

Published: Oct 19, 2017Modified: May 13, 2026

8.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N

Exploitability: 3.1 / Impact: 4.7

Source: NVD

Description

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. While the vulnerability is in Oracle Retail Point-of-Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Retail Point-of-Service accessible data as well as unauthorized read access to a subset of Oracle Retail Point-of-Service accessible data. CVSS 3.0 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N).

Affected (27)

Products: Oracle: Retail Point Of Service

Oracle

1 product

Retail Point Of Service

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Oracle Retail Point Of Service	Version 15.0.0
Oracle Retail Point Of Service	Version 15.0.1
Oracle Retail Point Of Service	Version 16.0.0.1
Oracle Retail Point Of Service	Version 16.0.0
Oracle Retail Point Of Service	Version 16.0.1
Oracle Retail Point Of Service	Version 16.0.2
Oracle Retail Point Of Service	Version 6.0.0
Oracle Retail Point Of Service	Version 6.0.10
Oracle Retail Point Of Service	Version 6.0.11
Oracle Retail Point Of Service	Version 6.5.0
Oracle Retail Point Of Service	Version 6.5.10
Oracle Retail Point Of Service	Version 6.5.11
Oracle Retail Point Of Service	Version 6.5.4
Oracle Retail Point Of Service	Version 7.0.0
Oracle Retail Point Of Service	Version 7.0.1
Oracle Retail Point Of Service	Version 7.0.2
Oracle Retail Point Of Service	Version 7.0.3
Oracle Retail Point Of Service	Version 7.0.4
Oracle Retail Point Of Service	Version 7.0.5
Oracle Retail Point Of Service	Version 7.0.6
Oracle Retail Point Of Service	Version 7.1.0
Oracle Retail Point Of Service	Version 7.1.1
Oracle Retail Point Of Service	Version 7.1.2
Oracle Retail Point Of Service	Version 7.1.3
Oracle Retail Point Of Service	Version 7.1.4
Oracle Retail Point Of Service	Version 7.1.5
Oracle Retail Point Of Service	Version 7.1.6

References (4)

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.securityfocus.com/bid/101359

Source: secalert_us@oracle.com

Third Party AdvisoryVDB Entry

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/101359

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.