New ModPipe Point of Sale (POS) Malware Targeting Restaurants, Hotels

Cybersecurity researchers today disclosed a new kind of modular backdoor that targets point-of-sale POS restaurant management software from Oracle in an attempt to pilfer sensitive payment information stored in the devices. The backdoor — dubbed "ModPipe" — impacts Oracle MICROS Restaurant...

New ModPipe Point of Sale (POS) Malware Targeting Restaurants, Hotels

Cybersecurity researchers today disclosed a new kind of modular backdoor that targets point-of-sale POS restaurant management software from Oracle in an attempt to pilfer sensitive payment information stored in the devices. The backdoor — dubbed "ModPipe" — impacts Oracle MICROS Restaurant...

CVE-2019-2750

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 12.1.0, 12.1.1, 12.1.2 and 13.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-3314

Vulnerability in the MICROS Relate CRM Software component of Oracle Retail Applications subcomponent: Customer. The supported version that is affected is 11.4. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise MICROS Relate CRM Software...

CVE-2018-2887

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications subcomponent: Back Office. Supported versions that are affected are 13.0.0 and 12.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS Retail-J. Successf...

CVE-2018-3052

Vulnerability in the MICROS Relate CRM Software component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 10.8.x and 11.4.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise MICROS...

Oracle MICROS POS Remote Detection

Detection of running version of Oracle Micros POS system. This script sends an HTTP GET request and tries to ensure the presence of Oracle Micros POS system. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Oracle MICROS POS missing authorisation check

Application: Oracle MICROS POS Versions Affected: Oracle Hospitality Simphony 2.7-2.9 Vendor URL: Oracle Bug: Missing Authentication for Critical Function Reported: 21.07.2017 Vendor response: 22.07.2017 Date of Public Advisory: 17.01.2018 Reference: Oracle CPU January 2018 Author: Dmitry Chastuh...

CVE-2016-0684

Unspecified vulnerability in the Oracle Retail MICROS ARS POS component in Oracle Retail Applications 1.5 allows remote authenticated users to affect confidentiality via vectors related to POS...

Unspecified Vulnerability in Oracle MICROS CWDirect Order Entry Component

Oracle Retail Applications is a suite of retail application store solutions. An unspecified vulnerability exists in the Oracle MICROS CWDirect Order Entry component, which could be exploited by a remote attacker to gain unauthorized access to data, resulting in the disclosure of information...