CVE-2018-2847

2018-04-1902:00:00

oracle

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

JSON

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony First Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Simphony First Edition accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

CNA Affected

[
  {
    "product": "Hospitality Simphony First Edition",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.6"
      },
      {
        "status": "affected",
        "version": "1.7"
      }
    ]
  }
]