CVE-2018-2956

Name of the Vulnerable Software and Affected Versions Oracle Hospitality OPERA 5 Property Services version 5.5.x

Description The issue allows an unauthenticated attacker with logon to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to compromise the service. Successful attacks can result in the takeover of Oracle Hospitality OPERA 5 Property Services. Although the vulnerability is in Oracle Hospitality OPERA 5 Property Services, attacks may significantly impact additional products.

Recommendations For version 5.5.x, update to a version that fixes this issue to prevent potential takeover of the service. As a temporary workaround, consider restricting access to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to minimize the risk of exploitation.