CVE-2020-2675

Name of the Vulnerable Software and Affected Versions Oracle Hospitality Opera 5 version 5.5

Description The issue is related to inadequate access control in the Oracle Hospitality Opera 5 product, allowing a remote attacker to gain unauthorized access to protected information or modify, add, or delete data using the HTTP protocol. This can result in unauthorized access to critical data or complete access to all accessible data, as well as unauthorized update, insert, or delete access to some accessible data.

Recommendations For Oracle Hospitality Opera 5 version 5.5, update the software to a version that addresses the inadequate access control issue. As a temporary workaround, consider restricting access to the login component to minimize the risk of exploitation. Avoid using the HTTP protocol for sensitive operations until the issue is resolved.