Vulnerability in Oracle Food and Beverage Applications Affects Hospitality Reporting and Analytics
CVE-2020-14543

7.3HIGH

Key Information:

Vendor: Oracle
Status: Hospitality Reporting And Analytics
Vendor: CVE Published:; 15 July 2020

Summary

A vulnerability exists within Oracle Hospitality Reporting and Analytics that could allow a low-privileged attacker, with their own login credentials, to exploit the system. This exploitation requires a third party's interaction and could result in unauthorized access, thereby compromising the integrity and confidentiality of the application. Affected users should take immediate action to mitigate potential threats and protect sensitive data.

Affected Version(s)

Hospitality Reporting and Analytics 9.1.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020