The vulnerability of the Simphony Enterprise Server component of the Oracle Hospitality Simphony sales management platform allows a perpetrator to execute arbitrary code.

🗓️ 02 May 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Vulnerability in Simphony Enterprise Server allows remote arbitrary code execution due to insufficient input validation.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-21010	17 Mar 202515:40	–	circl
CNNVD	Oracle Food and Beverage Applications 安全漏洞	16 Apr 202400:00	–	cnnvd
CVE	CVE-2024-21010	16 Apr 202421:26	–	cve
Cvelist	CVE-2024-21010	16 Apr 202421:26	–	cvelist
EUVD	EUVD-2024-18724	3 Oct 202520:07	–	euvd
NVD	CVE-2024-21010	16 Apr 202422:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - April 2024	16 Apr 202400:00	–	oracle
OSV	CVE-2024-21010	16 Apr 202422:15	–	osv
Positive Technologies	PT-2023-9068 · Oracle · Oracle Hospitality Simphony	7 Dec 202300:00	–	ptsecurity
RedhatCVE	CVE-2024-21010	5 Feb 202510:47	–	redhatcve

Vulners

Node

oracle oracle_hospitality_simphonyRange19.1.0–19.5.4

Source	Link
oracle	www.oracle.com/security-alerts/cpuapr2024.html
vuldb	www.vuldb.com/ru/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2024041749
safe-surf	www.safe-surf.ru/upload/VULN-new/VULN.2024-04-19.1.pdf
web	www.web.nvd.nist.gov/view/vuln/detail

02 May 2024 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 29

CVSS 39.9

EPSS0.00969

Simphony Enterprise Server remote code execution input validation flaw oracle hospitality simphony vulnerability