Oracle MICROS Retail XBRi Loss Prevention 10.6.0

CPE Details

Oracle MICROS Retail XBRi Loss Prevention 10.6.0
oracle
micros_retail_xbri_loss_prevention
10.6.0
2024-07-16
10h17 +00:00
2024-07-16
10h17 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

micros_retail_xbri_loss_prevention

Version

10.6.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-12617 2017-10-03
15h00 +00:00		 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
8.1
High
CVE-2016-8735 2017-04-06
21h00 +00:00		 Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
9.8
Critical