Vulnerability in Oracle Hospitality Cruise Fleet Management by Oracle
CVE-2018-3158

7.1HIGH

Key Information:

Vendor
Oracle
Status
Hospitality Cruise Fleet Management
Vendor
CVE Published:
17 October 2018

Summary

This vulnerability in Oracle Hospitality Cruise Fleet Management allows a low privileged attacker with network access to exploit the system via HTTP. It can lead to unauthorized access to critical data and offer attackers the ability to perform operations such as updating, inserting, or deleting information within the affected system. With a supported version of 9.0 currently vulnerable, organizations relying on Oracle Hospitality applications need to assess their exposure and take necessary precautions to mitigate potential breaches.

Affected Version(s)

Hospitality Cruise Fleet Management 9.0

References

http://www.securityfocus.com/bid/105626
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.