PT-2020-2384 · Oracle · Oracle Hospitality Reporting/Analytics

Published: 2020-04-15 · Updated: 2020-04-15 · CVE-2020-2746

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions

Oracle Hospitality Reporting and Analytics version 9.1.0

Description

The issue is related to a lack of protection for service data in the Oracle Hospitality Reporting and Analytics component. This can be exploited by a remote attacker using HTTP requests, potentially affecting the confidentiality and integrity of protected information. Successful attacks can result in unauthorized access to critical data, including creation, deletion, or modification of data.

Recommendations

For version 9.1.0, update to a newer version that addresses this issue to prevent unauthorized access and modifications to critical data. As a temporary workaround, consider restricting HTTP access to the Oracle Hospitality Reporting and Analytics component to minimize the risk of exploitation.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2020-02352
CVE-2020-2746

Affected Products

Oracle Hospitality Reporting/Analytics