CVE-2015-0390 : Unspecified vulnerability in the MICROS Retail component in Oracle Retail Applic

Unspecified vulnerability in the MICROS Retail component in Oracle Retail Applications Xstore: 3.2.1, 3.4.2, 3.5.0, 4.0.1, 4.5.1, 4.8.0, 5.0.3, 5.5.3, 6.0.6, and 6.5.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Xstore Point of Sale.

Published 2015-01-21 18:59:34

Updated 2017-09-08 01:29:42

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2015-0390

Oracle » Retail Applications Xstore » Version: 3.2.1
cpe:2.3:a:oracle:retail_applications_xstore:3.2.1:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 3.4.2
cpe:2.3:a:oracle:retail_applications_xstore:3.4.2:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 6.5.2
cpe:2.3:a:oracle:retail_applications_xstore:6.5.2:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 4.5.1
cpe:2.3:a:oracle:retail_applications_xstore:4.5.1:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 4.8.0
cpe:2.3:a:oracle:retail_applications_xstore:4.8.0:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 5.0.3
cpe:2.3:a:oracle:retail_applications_xstore:5.0.3:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 5.5.3
cpe:2.3:a:oracle:retail_applications_xstore:5.5.3:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 6.0.6
cpe:2.3:a:oracle:retail_applications_xstore:6.0.6:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 3.5.0
cpe:2.3:a:oracle:retail_applications_xstore:3.5.0:*:*:*:*:*:*:*
Matching versions
Oracle » Retail Applications Xstore » Version: 4.0.1
cpe:2.3:a:oracle:retail_applications_xstore:4.0.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-0390

EPSS FAQ

0.82%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-0390

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2015-0390

http://www.securitytracker.com/id/1031591

Oracle Retail Applications Flaw in MICROS Retail Lets Remote Users Partially Access Data, Modify Data, and Deny Service - SecurityTracker
https://exchange.xforce.ibmcloud.com/vulnerabilities/100138

Oracle MICROS Retail Xstore Point of Sale unspecified CVE-2015-0390 Vulnerability Report
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Oracle Critical Patch Update - January 2015
Patch;Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/72247

Oracle MICROS Retail CVE-2015-0390 Remote Security Vulnerability

Jump to

Vulnerability Details : CVE-2015-0390

Products affected by CVE-2015-0390

Exploit prediction scoring system (EPSS) score for CVE-2015-0390

CVSS scores for CVE-2015-0390

References for CVE-2015-0390