漏洞标题
N/A
漏洞描述信息
Oracle Hospitality Suite8组件(子组件:描述)中的漏洞。受影响的支持版本是8.x。容易利用的漏洞允许通过HTTP网络访问的较低权限攻击者访问Oracle Hospitality Suite8。成功的攻击需要攻击者之外的人进行人类交互。成功利用此漏洞可能会导致未经授权访问关键数据或完全访问所有Oracle Hospitality Suite8可访问的数据,以及未经授权更新、插入或删除某些Oracle Hospitality Suite8可访问数据,以及可能导致Oracle Hospitality Suite8 hang或频繁重复的崩溃(完全DOS)。CVSS 3.0基础得分7.6(保密性、完整性和可用性影响)。CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H)
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Profile). The supported version that is affected is 8.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suite8 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suite8 accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Suite8. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H).
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Oracle Hospitality Applications Hospitality Suite8组件安全漏洞
漏洞描述信息
Oracle Hospitality Applications是美国甲骨文(Oracle)公司的一套用于酒店管理的业务应用程序、服务器和存储解决方案。该方案提供人力资源成本管理、提供客户整个旅途中服务的跟踪管理来提高客户满意度等功能。Hospitality Suite8是其中的一个高级客户管理组件。 Oracle Hospitality Applications中的Hospitality Suite8组件8.x版本的Profile子组件存在安全漏洞。攻击者可利用该漏洞未授权访问、更新、插入或删除数据,造成
CVSS信息
N/A
漏洞类别
授权问题