Vulnerability in Oracle Hospitality Cruise Fleet Management by Oracle
CVE-2018-2701

7.6HIGH

Key Information:

Vendor

Oracle
Status
Hospitality Cruise Fleet Management
Vendor
CVE Published:
18 January 2018

What is CVE-2018-2701?

A vulnerability exists in the Oracle Hospitality Cruise Fleet Management system that can be exploited by users with low privileges and network access via HTTP. Though requiring human interaction for successful exploitation, this flaw can lead to significant unauthorized access to sensitive data. Attackers may be able to manipulate data, including updating, inserting, or deleting entries within the system, ultimately undermining the integrity and confidentiality of the data stored in Oracle Hospitality Cruise Fleet Management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Hospitality Cruise Fleet Management 9.0.4.0

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/102554
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.