Denial of Service Vulnerability in Oracle Hospitality Applications
CVE-2018-2607

4.9MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Guest Access
Vendor: CVE Published:; 18 January 2018

What is CVE-2018-2607?

A vulnerability exists in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications, specifically in version 4.2.1. This security flaw can be easily exploited by attackers with high privilege and network access via HTTP. Successfully leveraging this vulnerability may lead to unauthorized actions, such as causing the application to hang or consistently crash, resulting in a denial of service condition for users of Oracle Hospitality Guest Access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Hospitality Guest Access 4.2.1

References

http://www.securityfocus.com/bid/102580

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuja...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 18, 2018
Vulnerability Reserved
Dec 15, 2017

JSON

Oracle

What is CVE-2018-2607?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.