How severe is CVE-2018-2862?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2018-2862?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2018-2862

HIGH Year: 2018

CVSS v3 Score

7.1

High

CVSS v2 Score

5.5

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: User Interface). Supported versions that are affected are 13.3.8, 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Point-of-Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Point-of-Service accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).

CVE-2010-2537

HIGH

CVSS:7.1(High)

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl ca...

NVD-CWE-Other2010

CVE-2015-8698

HIGH

CVSS:7.1(High)

CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary ...

NVD-CWE-Other2015

CVE-2016-3470

HIGH

CVSS:7.1(High)

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.4.1 allows remote authenticated users to affect confidentiality and integrity via ve...

NVD-CWE-Other2016

CVE-2016-3530

HIGH

CVSS:7.1(High)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect integrity and availability via vectors rel...

NVD-CWE-Other2016