Buffer overflow

2018-07-1813:29:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.1%

JSON

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality Cruise Fleet Management System executes to compromise Oracle Hospitality Cruise Fleet Management System. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management System accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

CPENameOperatorVersion
hospitality_cruise_fleet_managementeq9.0

CPE	Name	Operator	Version
	hospitality_cruise_fleet_management	eq	9.0

References

www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

www.securityfocus.com/bid/104811

www.securitytracker.com/id/1041300