Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-01-17 18:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-2636
Mitre link : CVE-2018-2636
JSON object : View
CWE
Products Affected
oracle
- hospitality_simphony