Vulnerability in Oracle Hospitality Applications Affecting Cruise Fleet Management
CVE-2018-2700

7.5HIGH

Key Information:

Vendor

Oracle
Status
Hospitality Cruise Fleet Management
Vendor
CVE Published:
18 January 2018

What is CVE-2018-2700?

An easily exploitable vulnerability exists in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications, primarily affecting version 9.0.4.0. This security flaw allows unauthenticated attackers with network access via HTTP to gain unauthorized access to critical data. Successful exploitation can lead to complete control over all data accessible within the Oracle Hospitality Cruise Fleet Management system, posing a significant risk to confidential information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Hospitality Cruise Fleet Management 9.0.4.0

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/102559
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.