CVE-2016-3429

Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Xstore Services.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.5 MEDIUM
PHYSICAL
HIGH
LOW
CVSS:3.0/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
oracleCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
VendorProductVersion
oracleretail_xstore_point_of_service
5.0
oracleretail_xstore_point_of_service
5.5
oracleretail_xstore_point_of_service
6.0
oracleretail_xstore_point_of_service
6.5
oracleretail_xstore_point_of_service
7.0
oracleretail_xstore_point_of_service
7.1
𝑥
= Vulnerable software versions
References
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.securitytracker.com/id/1035600
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.securitytracker.com/id/1035600