Exploitable Vulnerability in Oracle Hospitality OPERA 5 by Oracle
CVE-2018-3014

6.5MEDIUM

Key Information:

Vendor
Oracle
Status
Hospitality Opera 5 Property Services
Vendor
CVE Published:
18 July 2018

Summary

A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services component, specifically affecting version 5.5.x. This flaw can be exploited by low privileged attackers who have network access via HTTP. Successful exploitation may lead to unauthorized access to sensitive data or result in full access to all data managed by Oracle Hospitality OPERA 5 Property Services. This poses a significant risk to data confidentiality, as attackers can manipulate critical information if they take advantage of this vulnerability.

Affected Version(s)

Hospitality OPERA 5 Property Services 5.5.x

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104809
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041300
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.