Vulnerability in Oracle Hospitality Cruise Fleet Management System - Oracle
CVE-2018-3002

7.1HIGH

Key Information:

Vendor
Oracle
Status
Hospitality Cruise Fleet Management
Vendor
CVE Published:
18 July 2018

Summary

The Oracle Hospitality Cruise Fleet Management System is vulnerable due to a flaw that allows unauthenticated attackers with network access to compromise the system. This vulnerability can lead to unauthorized access to sensitive data and potentially grant attackers full control over all accessible data within the system. The issue primarily affects version 9.x of the Cruise Fleet Management System and poses risks not just to the targeted system but also to other connected products.

Affected Version(s)

Hospitality Cruise Fleet Management 9.x

References

http://www.securityfocus.com/bid/104811
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041300
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.