Web Service Vulnerability in Oracle Hospitality Cruise Dining Room Management
CVE-2019-2953

7.1HIGH

Key Information:

Vendor: Oracle
Status: Hospitality Cruise Dining Room Management
Vendor: CVE Published:; 16 October 2019

Summary

A vulnerability exists in Oracle Hospitality Cruise Dining Room Management, specifically within the Web Service component. This flaw allows attackers with limited privileges and network access via HTTP to exploit the system. Successful exploitation can result in unauthorized access to sensitive data, and compromise the integrity of the database through unauthorized updates, insertions, or deletions. The vulnerability emphasizes the need for robust security measures to protect against potential data breaches and unauthorized data manipulation.

Affected Version(s)

Hospitality Cruise Dining Room Management 8.0.80

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 16, 2019
Vulnerability Reserved
Dec 14, 2018