CVE-2017-10197

4.6MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Opera 5 Property Services
Vendor: CVE Published:; 19 October 2017

Summary

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Folios). The supported version that is affected is 5.4.2.x through 5.5.1.x. Easily exploitable vulnerability allows physical access to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected Version(s)

Hospitality OPERA 5 Property Services 5.4.2.x through 5.5.1.x

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101459

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017