Vulnerability in Oracle Hospitality Cruise Fleet Management by Oracle
CVE-2018-3159

6.1MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Cruise Fleet Management
Vendor: CVE Published:; 17 October 2018

Summary

A security vulnerability exists in Oracle Hospitality Cruise Fleet Management, which allows a low-privileged attacker with system logon credentials to exploit the system. This can lead to unauthorized access to sensitive data or total control over accessible information. Attackers may manipulate data by inserting, updating, or deleting records, posing significant risks to data integrity and overall security within the application.

Affected Version(s)

Hospitality Cruise Fleet Management 9.0

References

http://www.securityfocus.com/bid/105634

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2018
Vulnerability Reserved
Dec 15, 2017