Vulnerability in Oracle Hospitality OPERA 5 Property Services Allows Unauthorized Access
CVE-2017-10197

4.6MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Opera 5 Property Services
Vendor: CVE Published:; 19 October 2017

Summary

A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services component, which allows individuals with physical access to the system to compromise security. This loophole can result in unauthorized access to sensitive data and potentially expose all accessible information stored within the system. The affected versions range from 5.4.2.x to 5.5.1.x. Organizations leveraging this application should implement strict physical security measures to mitigate possible exploits.

Affected Version(s)

Hospitality OPERA 5 Property Services 5.4.2.x through 5.5.1.x

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101459

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017