Unauthorized Access Vulnerability in Oracle Hospitality Guest Access Component
CVE-2017-10218

4.3MEDIUM

Key Information:

Vendor

Oracle
Status
Hospitality Guest Access
Vendor
CVE Published:
8 August 2017

What is CVE-2017-10218?

The Oracle Hospitality Guest Access component within Oracle Hospitality Applications has a vulnerability that allows low privileged attackers with network access to exploit it via HTTP. This vulnerability could enable unauthorized reading of data accessible within the Oracle Hospitality Guest Access. Affected versions include 4.2.0.0 and 4.2.1.0, highlighting the need for timely updates to safeguard sensitive information.

Affected Version(s)

Hospitality Guest Access 4.2.0.0

Hospitality Guest Access 4.2.1.0

References

http://www.securitytracker.com/id/1038941
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99781
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.