Lucene search

[email protected]CVE-2016-0437

HistoryJan 21, 2016 - 2:59 a.m.

CVE-2016-0437

2016-01-2102:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2016-0437

oracle retail applications

mobile pos

security vulnerability

confidentiality

6.2 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

9.2%

JSON

Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and CVE-2016-0438.

CPENameOperatorVersion
oracle:retail_applicationsoracle retail applicationseq14.1
oracle:retail_applicationsoracle retail applicationseq14.0
oracle:retail_applicationsoracle retail applicationseq13.4

CPE	Name	Operator	Version
oracle:retail_applications	oracle retail applications	eq	14.1
oracle:retail_applications	oracle retail applications	eq	14.0
oracle:retail_applications	oracle retail applications	eq	13.4

References

www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

www.securitytracker.com/id/1034718

6.2 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for CVE-2016-0437

prion4 cvelist4 cve3 oracle1