CVE-2017-3560 in Hospitality OPERA 5 Property Servicesinformation

Résumé

par MITRE

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OXI Interface). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily "exploitable" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Réserver

06/12/2016

Divulgation

24/04/2017

Modérer

accepté

Entrée

VDB-100095

CPE

prêt

CWE

CWE-200 (confirmé)

CVSS

4.3 (NVD)

EPSS

0.01004

KEV

non

Activités

très faible

Secteur

Hospital

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-3560
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-3560
CVE Details	https://www.cvedetails.com/cve/CVE-2017-3560/

◂ Précédent Aperçu Suivant ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!