Oracle Hospitality Simphony Vulnerability in Point of Sale Component
CVE-2018-2673
5.9MEDIUM
Summary
A vulnerability exists in the Oracle Hospitality Simphony component, specifically in the Point of Sale (POS) subcomponent. This vulnerability allows unauthenticated attackers with network access via HTTP to potentially compromise the system. Successful exploitation could lead to unauthorized access to critical data, creating serious risks for organizations relying on Oracle Hospitality Simphony. The affected versions include 2.7, 2.8, and 2.9, underscoring the importance of maintaining software updates and security best practices to safeguard sensitive information.
Affected Version(s)
Hospitality Simphony 2.7
Hospitality Simphony 2.8
Hospitality Simphony 2.9
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved