CVE-2018-2888 (CNNVD-201807-1522)
中文标题:
Oracle Retail Applications MICROS Retail-J组件安全漏洞
英文标题:
Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Off...
漏洞描述
中文描述:
Oracle Retail Applications是美国甲骨文(Oracle)公司的一套零售应用商店解决方案。MICROS Retail-J是其中的一个高级零售系统组件。 Oracle Retail Applications中的MICROS Retail-J组件的Back Office子组件存在安全漏洞。攻击者可利用该漏洞未授权访问、创建、删除或修改数据,造成拒绝服务,影响数据的保密性、可用性和完整性。以下版本受到影响:Oracle MICROS Retail-J 11.0.x版本,12.0.x版本,12.1.x版本,12.1.1.x版本,12.1.2.x版本,13.1.x版本。
英文描述:
Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office). Supported versions that are affected are 10.2.x, 11.0.x, 12.0.x, 12.1.x, 12.1.1.x,12.1.2.x and 13.1.x. Difficult to exploit vulnerability allows physical access to compromise MICROS Retail-J. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MICROS Retail-J, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MICROS Retail-J accessible data as well as unauthorized access to critical data or complete access to all MICROS Retail-J accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MICROS Retail-J. CVSS 3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L).
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Oracle Corporation | MICROS Retail-J | 10.2.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:10.2.x:*:*:*:*:*:*:*
|
| Oracle Corporation | MICROS Retail-J | 11.0.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:11.0.x:*:*:*:*:*:*:*
|
| Oracle Corporation | MICROS Retail-J | 12.0.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:12.0.x:*:*:*:*:*:*:*
|
| Oracle Corporation | MICROS Retail-J | 12.1.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:12.1.x:*:*:*:*:*:*:*
|
| Oracle Corporation | MICROS Retail-J | 12.1.1.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:12.1.1.x:*:*:*:*:*:*:*
|
| Oracle Corporation | MICROS Retail-J | 12.1.2.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:12.1.2.x:*:*:*:*:*:*:*
|
| Oracle Corporation | MICROS Retail-J | 13.1.x | - | - |
cpe:2.3:a:oracle_corporation:micros_retail-j:13.1.x:*:*:*:*:*:*:*
|
| oracle | micros_retail-j | 10.2 | - | - |
cpe:2.3:a:oracle:micros_retail-j:10.2:sp32:*:*:*:*:*:*
|
| oracle | micros_retail-j | 11.0 | - | - |
cpe:2.3:a:oracle:micros_retail-j:11.0:sp24:*:*:*:*:*:*
|
| oracle | micros_retail-j | 12.0 | - | - |
cpe:2.3:a:oracle:micros_retail-j:12.0:sp10:*:*:*:*:*:*
|
| oracle | micros_retail-j | 12.1 | - | - |
cpe:2.3:a:oracle:micros_retail-j:12.1:fp1_sp1:*:*:*:*:*:*
|
| oracle | micros_retail-j | 13.1.1 | - | - |
cpe:2.3:a:oracle:micros_retail-j:13.1.1:*:*:*:*:*:*:*
|
| oracle | micros_retail-j | 13.1.2 | - | - |
cpe:2.3:a:oracle:micros_retail-j:13.1.2:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2018-2888 |
2025-11-11 15:19:49 | 2025-11-11 07:35:16 |
| NVD | nvd_CVE-2018-2888 |
2025-11-11 14:55:56 | 2025-11-11 07:43:50 |
| CNNVD | cnnvd_CNNVD-201807-1522 |
2025-11-11 15:10:03 | 2025-11-11 07:53:49 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 授权问题
- cnnvd_id: 未提取 -> CNNVD-201807-1522
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- cvss_score: 未提取 -> 6.7
- cvss_vector: NOT_EXTRACTED -> CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L
- cvss_version: NOT_EXTRACTED -> 3.0
- affected_products_count: 7 -> 13
- data_sources: ['cve'] -> ['cve', 'nvd']