Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System
CVE-2019-2410

5.1MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Cruise Shipboard Property Management System
Vendor: CVE Published:; 16 January 2019

Summary

This vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System allows unauthenticated attackers on the network to compromise the system. Specifically, those with access to the infrastructure running the application can exploit this flaw to gain unauthorized access to sensitive data. Successful exploitation could enable attackers to perform unauthorized updates, inserts, or deletions of data, as well as access certain confidential information without appropriate credentials. This situation emphasizes the importance of securing the application environment to prevent potential data breaches.

Affected Version(s)

Hospitality Cruise Shipboard Property Management System 8.0.8

References

http://www.securityfocus.com/bid/106605

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuja...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 16, 2019
Vulnerability Reserved
Dec 14, 2018