Unauthenticated Access Vulnerability in Oracle Hospitality Cruise Management System
CVE-2018-3000

7.1HIGH

Key Information:

Vendor
Oracle
Status
Hospitality Cruise Shipboard Property Management System
Vendor
CVE Published:
18 July 2018

Summary

A vulnerability exists within the Oracle Hospitality Cruise Shipboard Property Management System, allowing unauthenticated attackers with access to the infrastructure to exploit this weakness. When exploited, this flaw can lead to unauthorized access to sensitive data, jeopardizing the confidentiality of information managed by the system. Given its integration with other Oracle Hospitality applications, the impact of this vulnerability may extend beyond the immediate system, affecting additional products reliant on it.

Affected Version(s)

Hospitality Cruise Shipboard Property Management System 8.x

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104815
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041300
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.