PT-2026-3713 · Oracle · Opera 5 Property Services
Johnathan Law
·
Published
2026-01-20
·
Updated
2026-01-21
·
CVE-2026-21966
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Hospitality OPERA 5 Property Services versions 5.6.19.23 through 5.6.27.4
Description
An easily exploitable issue exists in the Oracle Hospitality OPERA 5 Property Services component, allowing an unauthenticated attacker with network access via HTTP to compromise the system. Successful attacks require interaction from a user other than the attacker and may impact additional products. Successful exploitation can lead to unauthorized data modification, insertion, deletion, and read access to Oracle Hospitality OPERA 5 Property Services data.
Recommendations
Update Oracle Hospitality OPERA 5 Property Services to a version later than 5.6.27.4.
Update Oracle Hospitality OPERA 5 Property Services to a version later than 5.6.26.10.
Update Oracle Hospitality OPERA 5 Property Services to a version later than 5.6.25.17.
Update Oracle Hospitality OPERA 5 Property Services to a version later than 5.6.19.23.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Opera 5 Property Services