Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle
CVE-2020-14561

7.3HIGH

Key Information:

Vendor: Oracle
Status: Hospitality Reporting And Analytics
Vendor: CVE Published:; 15 July 2020

What is CVE-2020-14561?

An exploitable vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The affected version, 9.1.0, can be compromised by a low-privileged attacker who has access to the infrastructure where the application runs. Successful exploitation necessitates human interaction from an external individual. This vulnerability poses risks including unauthorized access that can lead to a complete takeover of the Oracle Hospitality Reporting and Analytics system.

Affected Version(s)

Hospitality Reporting and Analytics 9.1.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020