Vulnerability in Oracle Hospitality Suite8 Affecting Oracle Applications
CVE-2017-10389

5.7MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Suite8
Vendor: CVE Published:; 19 October 2017

Summary

This vulnerability in Oracle Hospitality Suite8 allows a low-privileged attacker with access to the infrastructure to manipulate data within the system. Successful exploitation requires the interaction of a third party, making it crucial for users to be aware of potential risks. This vulnerability can lead to unauthorized modifications, deletions, or reads of sensitive data and even contributors to a partial denial of service for users of the system. Given the wide reach of Oracle Hospitality Suite8, the implications of successful attacks can affect multiple products and workflows.

Affected Version(s)

Hospitality Suite8 8.10.1

Hospitality Suite8 8.10.2

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101457

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017