CVE-2017-10427
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-10427
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.11, 6.5.11, 7.0.6, 7.1.6 and 15.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. While the vulnerability is in Oracle Retail Xstore Point of Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Xstore Point of Service accessible data as well as unauthorized read access to a subset of Oracle Retail Xstore Point of Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oracle Retail Applications Retail Xstore Point of Service组件安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Retail Applications是美国甲骨文(Oracle)公司的一套零售应用商店解决方案。Oracle Retail Xstore Point of Service是其中的一个零售服务点管理组件。 Oracle Retail Applications中的Oracle Retail Xstore Point of Service组件的Point of Sale子组件存在安全漏洞。攻击者可利用该漏洞未授权读取、更新、插入或删除数据,造成拒绝服务,影响数据的保密性、完整性和可用性。以下版本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Oracle Corporation | Retail Xstore Point of Service | 6.0.11 | - |
II. Public POCs for CVE-2017-10427
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-10427
请登录查看更多情报信息。
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2017-10427
Same Patch Batch · Oracle Corporation · 2017-10-19 · 178 CVEs total
| CVE-2017-10372 | Oracle Hospitality Applications Oracle Hospitality Guest Access组件安全漏洞 | |
| CVE-2017-10359 | Oracle Hyperion Oracle Hyperion BI+组件安全漏洞 | |
| CVE-2017-10360 | Oracle Fusion Middleware Oracle WebCenter Content组件安全漏洞 | |
| CVE-2017-10361 | Oracle Hospitality Applications Oracle Hospitality Cruise Shipboard Property Management Sy | |
| CVE-2017-10362 | Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞 | |
| CVE-2017-10363 | Oracle Financial Services Applications Oracle FLEXCUBE Universal Banking组件安全漏洞 | |
| CVE-2017-10365 | Oracle MySQL Server组件安全漏洞 | |
| CVE-2017-10366 | Oracle PeopleSoft Products PeopleSoft Enterprise PT PeopleTools组件安全漏洞 | |
| CVE-2017-10367 | Oracle Hospitality Applications Oracle Hospitality Simphony组件安全漏洞 | |
| CVE-2017-10368 | Oracle PeopleSoft Products PeopleSoft Enterprise SCM eProcurement组件安全漏洞 | |
| CVE-2017-10369 | Oracle Fusion Middleware Oracle Virtual Directory组件安全漏洞 | |
| CVE-2017-10370 | Oracle Hospitality Applications Oracle Hospitality Guest Access组件安全漏洞 | |
| CVE-2017-10381 | Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞 | |
| CVE-2017-10386 | Oracle Java SE Java Advanced Management Console组件安全漏洞 | |
| CVE-2017-10385 | Oracle Fusion Middleware Oracle GlassFish Server组件安全漏洞 | |
| CVE-2017-10384 | Oracle MySQL Server组件安全漏洞 | |
| CVE-2017-10383 | Oracle Hospitality Applications Oracle Hospitality Guest Access组件安全漏洞 | |
| CVE-2017-10382 | Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools组件安全漏洞 | |
| CVE-2017-10378 | Oracle MySQL Server组件安全漏洞 | |
| CVE-2017-10373 | Oracle PeopleSoft Products PeopleSoft Enterprise PT PeopleTools组件安全漏洞 |
Showing top 20 of 178 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Retail Xstore Point of Service
- CVE-2019-2872
Oracle Retail Applications Retail Xstore Point of Service组件安 - CVE-2018-3126
Oracle Retail Applications Retail Xstore Point of Service组件安 - CVE-2018-2840
Oracle Retail Applications Retail Xstore Point of Service组件安 - CVE-2017-10183
Oracle Retail Xstore Point of Service 安全漏洞 - CVE-2017-10214
Oracle Retail Xstore Point of Service 安全漏洞
V. Comments for CVE-2017-10427
No comments yet