Vulnerability in Oracle Hospitality Simphony First Edition Component
CVE-2018-2851
8.1HIGH
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 19 April 2018
Summary
A vulnerability exists in the Oracle Hospitality Simphony First Edition, specifically within its Enterprise Management Console. This flaw allows a low-privileged attacker with network access via HTTP to compromise the system. Successful exploitation could lead to unauthorized actions such as the creation, deletion, or modification of critical data. Attackers may gain complete access to all data accessible via the Oracle Hospitality Simphony First Edition, making it imperative for organizations using affected versions 1.6 and 1.7 to implement necessary security measures.
Affected Version(s)
Hospitality Simphony First Edition 1.6
Hospitality Simphony First Edition 1.7
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved