CVE-2016-3429

EUVD-2016-4455
Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Xstore Services.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.5 MEDIUM
PHYSICAL
HIGH
LOW
CVSS:3.0/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
oracleretail_xstore_point_of_service
5.0
oracleretail_xstore_point_of_service
5.5
oracleretail_xstore_point_of_service
6.0
oracleretail_xstore_point_of_service
6.5
oracleretail_xstore_point_of_service
7.0
oracleretail_xstore_point_of_service
7.1
𝑥
= Vulnerable software versions
References
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.securitytracker.com/id/1035600
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.securitytracker.com/id/1035600