Unauthenticated Vulnerability in Oracle Hospitality Suite8 by Oracle
CVE-2017-10419

5.1MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Suite8
Vendor: CVE Published:; 19 October 2017

Summary

The Oracle Hospitality Suite8 component of Oracle Hospitality Applications has a vulnerability that allows an unauthenticated attacker with access to the underlying infrastructure to compromise the application. This issue poses risks of unauthorized updates, inserts, and deletions of data, along with unauthorized read access to certain data within the system. Affected versions include 8.10.1 and 8.10.2, making it crucial for users to implement necessary security measures to mitigate potential risks.

Affected Version(s)

Hospitality Suite8 8.10.1

Hospitality Suite8 8.10.2

References

http://www.securityfocus.com/bid/101461

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017