Vulnerability in Oracle Hospitality OPERA 5 Property Services
CVE-2023-22085

8.8HIGH

Key Information:

Vendor
Oracle
Vendor
CVE Published:
17 October 2023

Summary

A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services, specifically in version 5.6, that allows a low privileged attacker with network access via HTTP to take control of the service. Successful exploitation of this vulnerability can lead to unauthorized access, compromising the confidentiality, integrity, and availability of the application. It underscores the need for prompt updates and diligent monitoring of network access to safeguard against potential threats.

Affected Version(s)

Hospitality OPERA 5 Property Services 5.6

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.