CVE-2023-22085

Name of the Vulnerable Software and Affected Versions Oracle Hospitality Opera 5 versions 5.6

Description The issue is related to insufficient input validation in the Opera component of Oracle Hospitality Opera 5. This can be exploited by a remote attacker to execute arbitrary code, potentially leading to a takeover of the Hospitality OPERA 5 Property Services. The vulnerability can be easily exploited by a low-privileged attacker with network access via HTTP.

Recommendations For Oracle Hospitality Opera 5 version 5.6, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.