Vulnerability in Oracle Hospitality Applications Hotel Mobile Component
CVE-2017-10014

3.5LOW

Key Information:

Vendor: Oracle
Status: Hospitality Hotel Mobile
Vendor: CVE Published:; 19 October 2017

Summary

A vulnerability found in Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications poses a risk of unauthorized data manipulation. This issue allows low privileged attackers with HTTP network access to leverage the vulnerability, requiring human interaction for successful exploit. The impacts include the potential for unauthorized updates, inserts, or deletions of accessible data within Oracle Hospitality Hotel Mobile, compromising the integrity of the information handled.

Affected Version(s)

Hospitality Hotel Mobile 1.1

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101299

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017