Vulnerability in Oracle Hospitality OPERA 5 Property Services
CVE-2023-22085
8.8HIGH
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 17 October 2023
Summary
A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services, specifically in version 5.6, that allows a low privileged attacker with network access via HTTP to take control of the service. Successful exploitation of this vulnerability can lead to unauthorized access, compromising the confidentiality, integrity, and availability of the application. It underscores the need for prompt updates and diligent monitoring of network access to safeguard against potential threats.
Affected Version(s)
Hospitality OPERA 5 Property Services 5.6
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved