admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-31xx/CVE-2018-3126.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

123 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-3126",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2018-10-17T01:31:15.433",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in takeover of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Oracle Retail Xstore Point of Service de Oracle Retail Applications (subcomponente: Xenvironment). Las versiones soportadas que se han visto afectadas son la 15.0.2, 16.0.4 y la 17.0.2. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante con muchos privilegios que tenga acceso a red por HTTP comprometa la seguridad de Oracle Retail Xstore Point of Service. Los ataques exitosos a esta vulnerabilidad pueden resultar en la toma de control de Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99648F94-55A1-494E-BB74-E8A31E98F9FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF48DB4-DF14-4502-8697-84BA2D4A64AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05A16098-3001-4917-9F1C-D5C4C0EC78DF"
}
]
}
]
}
],
"references": [
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/105596",
"source": "secalert_us@oracle.com",
"tags": [
"VDB Entry",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink