Unauthenticated Data Access Vulnerability in Oracle Hospitality RES 3700 by Oracle
CVE-2020-14783

5.3MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Res 3700
Vendor: CVE Published:; 21 October 2020

Summary

A vulnerability exists in Oracle Hospitality RES 3700, specifically within the CAL component, that can be exploited by an unauthenticated attacker with network access via TCP. This vulnerability permits unauthorized reading of specific data within the application, potentially exposing sensitive information. It is crucial for users and organizations utilizing this product to implement necessary security measures and apply patches as they become available to mitigate the risk of unauthorized access.

Affected Version(s)

Hospitality RES 3700 5.7

References

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 21, 2020
Vulnerability Reserved
Jun 19, 2020