Installation Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle
CVE-2020-14753

5.9MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Reporting And Analytics
Vendor: CVE Published:; 21 October 2020

Summary

A vulnerability exists in the Installation component of Oracle Hospitality Reporting and Analytics, impacting version 9.1.0. This security issue allows a low privileged attacker with access to the system to exploit the vulnerability and potentially gain unauthorized access to sensitive data. An essential aspect of this attack is that it requires human interaction from an individual other than the attacker. While the initial target is Oracle Hospitality Reporting and Analytics, the attack can have further implications on related products, exposing critical data and compromising data integrity.

Affected Version(s)

Hospitality Reporting and Analytics 9.1.0

References

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 21, 2020
Vulnerability Reserved
Jun 19, 2020