Oracle Hospitality Simphony Vulnerability in Point of Sale Component
CVE-2018-2673

5.9MEDIUM

Key Information:

Vendor
Oracle
Vendor
CVE Published:
18 January 2018

Summary

A vulnerability exists in the Oracle Hospitality Simphony component, specifically in the Point of Sale (POS) subcomponent. This vulnerability allows unauthenticated attackers with network access via HTTP to potentially compromise the system. Successful exploitation could lead to unauthorized access to critical data, creating serious risks for organizations relying on Oracle Hospitality Simphony. The affected versions include 2.7, 2.8, and 2.9, underscoring the importance of maintaining software updates and security best practices to safeguard sensitive information.

Affected Version(s)

Hospitality Simphony 2.7

Hospitality Simphony 2.8

Hospitality Simphony 2.9

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.