Vulnerability in Oracle Hospitality OPERA 5 Property Services by Oracle
CVE-2020-14877

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Hospitality Opera 5 Property Services
Vendor: CVE Published:; 21 October 2020

Summary

The vulnerability in Oracle Hospitality OPERA 5 Property Services allows an attacker with high privileges and network access through HTTP to compromise the system. This security flaw enables unauthorized creation, deletion, or modification of critical data, granting complete access to all resources within the affected services. Targeted versions 5.5 and 5.6 are particularly at risk, making it essential for users to apply necessary patches and updates to mitigate potential exploitation.

Affected Version(s)

Hospitality OPERA 5 Property Services 5.5

Hospitality OPERA 5 Property Services 5.6

References

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 21, 2020
Vulnerability Reserved
Jun 19, 2020