oracle retail-bulk-data-integration CVE-2018-2891 is a vulnerability in Oracle Retail Bulk Data Integration
Published on July 18, 2018

Vulnerability in the Oracle Retail Bulk Data Integration component of Oracle Retail Applications (subcomponent: BDI Job Scheduler). The supported version that is affected is 16.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Bulk Data Integration. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Bulk Data Integration, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Bulk Data Integration accessible data as well as unauthorized read access to a subset of Oracle Retail Bulk Data Integration accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

NVD


Products Associated with CVE-2018-2891

Want to know whenever a new CVE is published for Oracle Retail Bulk Data Integration? stack.watch will email you.

Oracle Retail Bulk Data Integration
 

Affected Versions

Oracle Corporation Retail Bulk Data Integration Version 16.0 is affected by CVE-2018-2891

Exploit Probability

EPSS
0.52%
Percentile
66.60%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.