PT-2018-16039 · Oracle · Oracle Hospitality Gift/Loyalty

Published

2018-10-17

Updated

2019-10-03

CVE-2018-3131

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Oracle Hospitality Gift and Loyalty version 9.0

Description The issue allows a low-privileged attacker with Report privilege and logon access to the infrastructure where Oracle Hospitality Gift and Loyalty is executed to compromise it. This can result in unauthorized access to critical data, complete access to all accessible data, as well as unauthorized update, insert, or delete access to some accessible data.

Recommendations For Oracle Hospitality Gift and Loyalty version 9.0, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-3131

Affected Products

Oracle Hospitality Gift/Loyalty

PT-2018-16039 · Oracle · Oracle Hospitality Gift/Loyalty

CVE-2018-3131

Related Identifiers

Affected Products

References · 4