Vulnerability in Oracle Hospitality Simphony First Edition Venue Management
CVE-2017-10076
6.4MEDIUM
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 8 August 2017
Summary
A security vulnerability exists within the Oracle Hospitality Simphony First Edition Venue Management module, allowing low-privileged attackers with network access to exploit the system through HTTP. This vulnerability could lead to unauthorized modifications, deletions, and readings of accessible data, compromising the integrity and confidentiality of the information stored within the system. Although primarily associated with Venue Management, the risk stemming from this vulnerability may extend to other related Oracle Hospitality products, emphasizing the necessity for timely patching and robust security measures.
Affected Version(s)
Hospitality Simphony First Edition Venue Management 3.9
References
CVSS V3.1
Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved