Vulnerability in Oracle Hospitality Suite8 XML Interface Component
CVE-2019-2781

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Suite8
Vendor: CVE Published:; 23 July 2019

Summary

An exploitable vulnerability exists in the XML Interface component of Oracle Hospitality Suite8. This flaw allows low-privileged network attackers to gain unauthorized access to critical data. Affected versions include 8.9.6, 8.10.2, and versions 8.11 through 8.14. Successful exploitation can lead to the compromise of sensitive information, making it essential for organizations using this software to implement immediate security measures.

Affected Version(s)

Hospitality Suite8 8.9.6

Hospitality Suite8 8.10.2

Hospitality Suite8 8.11-8.14

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018