CVE-2018-2829

N/A

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). The supported version that is affected is 2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Simphony accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Simphony accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L).

N/A

N/A

Oracle Hospitality Applications Hospitality Simphony组件安全漏洞

Oracle Hospitality Applications是美国甲骨文（Oracle）公司的一套用于酒店管理的业务应用程序、服务器和存储解决方案。该方案提供人力资源成本管理、提供客户整个旅途中服务的跟踪管理来提高客户满意度等功能。Hospitality Simphony是其中的一个基于云的酒店管理组件。 Oracle Hospitality Applications中的Hospitality Simphony组件2.10版本的Enterprise Management Console子组件存在安全漏洞

N/A

N/A