Walid Faour

**Name of the Vulnerable Software and Affected Versions** Oracle Hospitality RES 3700 version 5.7 **Description** The issue is related to insufficient input validation in the CAL component of Oracle Hospitality RES 3700, allowing an unauthenticated attacker with network access via TCP to compromise the system. Successful attacks can result in unauthorized read access to a subset of Oracle Hospitality RES 3700 accessible data. **Recommendations** For Oracle Hospitality RES 3700 version 5.7, apply the necessary security patches or updates to fix the insufficient input validation issue in the CAL component. As a temporary workaround, consider restricting network access via TCP to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.