Vulnerability in Oracle Hospitality Applications - Materials Control Component
CVE-2017-10222

5.4MEDIUM

Key Information:

Vendor
Oracle
Status
Hospitality Materials Control
Vendor
CVE Published:
8 August 2017

Summary

The Oracle Hospitality Materials Control component of Oracle Hospitality Applications is susceptible to an improper input validation vulnerability. This flaw permits low-privileged attackers with network access via HTTP to manipulate the system. Successful exploitation may lead to unauthorized modifications, including updates, insertions, or deletions of accessible data, as well as unauthorized read access to certain datasets within the Oracle Hospitality Materials Control environment. This vulnerability exposes sensitive information and compromises the integrity of the data managed by the application.

Affected Version(s)

Hospitality Materials Control 8.31.4

Hospitality Materials Control 8.32.0

References

http://www.securitytracker.com/id/1038941
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99701
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.