Oracle Retail Back Office unauthorized access vulnerability
- Date Published:2019-04-14
- Last Updated:2019-04-14
- Version Affected: Oracle Retail Back Office
- CVE: CVE-2017-10423
Oracle Retail Applications is a set of Retail application store solutions from Oracle. Oracle Retail Back Office is one of the Retail backend components that provides retailers with real-time access to storage management and reporting capabilities.
There is an unauthorized access vulnerability in Oracle Retail Back Office, which can be exploited by an attacker to read, update, insert or delete data without authorization, affecting the confidentiality and integrity of data.
At present, the vendor has released the patches to repair loopholes, patch for a link: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html