Vulnerability in Oracle Hospitality Applications Affecting OPERA 5 Property Services
CVE-2018-3013

6.5MEDIUM

Key Information:

Vendor
Oracle
Status
Hospitality Opera 5 Property Services
Vendor
CVE Published:
18 July 2018

Summary

A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services component that can be exploited by an attacker with low privileges who has network access via HTTP. This flaw in the Report Server Config subcomponent can potentially lead to unauthorized access to sensitive data, allowing attackers to compromise the security of the system. Exploiting this vulnerability results in exposure to critical data within the Oracle Hospitality OPERA 5 system, highlighting the importance of timely updates and security measures.

Affected Version(s)

Hospitality OPERA 5 Property Services 5.5.x

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104809
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041300
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.