PT-2018-15934 · Oracle · Oracle Hospitality Opera 5 Property Services

Publicado

2018-07-18

Atualizado

2019-10-03

CVE-2018-2955

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Hospitality OPERA 5 Property Services version 5.5.x

Description The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services, resulting in unauthorized read access to a subset of accessible data.

Recommendations For version 5.5.x, update to a version that addresses this issue to prevent unauthorized read access. As a temporary workaround, consider restricting access to the Integration subcomponent to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-2955

Produtos afetados

Oracle Hospitality Opera 5 Property Services

PT-2018-15934 · Oracle · Oracle Hospitality Opera 5 Property Services

CVE-2018-2955

Identificadores relacionados

Produtos afetados

Referências · 5