Vulnerability in Oracle Hospitality Cruise Fleet Management System
CVE-2018-2984

8.1HIGH

Key Information:

Vendor

Oracle
Status
Hospitality Cruise Fleet Management
Vendor
CVE Published:
18 July 2018

What is CVE-2018-2984?

A vulnerability exists in the Oracle Hospitality Cruise Fleet Management System, specifically within the Gangway Activity Web App. This flaw allows a low-privileged attacker with network access via HTTP to exploit the system, leading to unauthorized creation, deletion, or modification of critical data. Attackers could gain full access to all data available within the system, potentially compromising the integrity and confidentiality of sensitive information without requiring user interaction.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Hospitality Cruise Fleet Management 9.x

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104802
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041300
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.