Retail Open Commerce Platform Cloud Service
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5645 | Cri | 0.71 | 9.8 | 0.89 | Apr 17, 2017 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | ||
| CVE-2018-3122 | Med | 0.44 | 6.8 | 0.01 | Oct 17, 2018 | Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult to exploit vulnerability allows low privileged attacker with network access via… | ||
| CVE-2017-10172 | Med | 0.40 | 6.1 | 0.01 | Aug 8, 2017 | Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Framework). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker… | ||
| CVE-2017-10173 | Med | 0.38 | 5.8 | 0.02 | Aug 8, 2017 | Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Website). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with… | ||
| CVE-2017-3451 | Med | 0.35 | 5.4 | 0.01 | Apr 24, 2017 | Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Web). Supported versions that are affected are 4.0, 5.0, 5.1, 5.3, 6.0,6.1, 15.0 and 16.0. Easily "exploitable" vulnerability allows low privileged attacker with… | ||
| CVE-2016-0522 | 0.00 | — | 0.02 | Jan 21, 2016 | Unspecified vulnerability in the Oracle Retail Open Commerce Platform Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Framework. | |||
| CVE-2015-4827 | 0.00 | — | 0.02 | Oct 21, 2015 | Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Framework. |
- risk 0.71cvss 9.8epss 0.89
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
- risk 0.44cvss 6.8epss 0.01
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult to exploit vulnerability allows low privileged attacker with network access via…
- risk 0.40cvss 6.1epss 0.01
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Framework). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker…
- risk 0.38cvss 5.8epss 0.02
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Website). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with…
- risk 0.35cvss 5.4epss 0.01
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Web). Supported versions that are affected are 4.0, 5.0, 5.1, 5.3, 6.0,6.1, 15.0 and 16.0. Easily "exploitable" vulnerability allows low privileged attacker with…
- CVE-2016-0522Jan 21, 2016risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Retail Open Commerce Platform Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Framework.
- CVE-2015-4827Oct 21, 2015risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Framework.