Hospitality Simphony Security Vulnerabilities and Issues — Hospitality Simphony CVE List

cve

CVE-2018-1285

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.

9.8CVSS

7.1AI Score

0.009EPSS

2020-05-11 05:15 PM

266

6

cve

CVE-2024-20997

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS

8.5AI Score

0.001EPSS

2024-04-16 10:15 PM

45

cve

CVE-2024-21010

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS

8.5AI Score

0.001EPSS

2024-04-16 10:15 PM

39

cve

CVE-2024-21014

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...

9.8CVSS

8.8AI Score

0.001EPSS

2024-04-16 10:15 PM

41

Hospitality Simphony Security Vulnerabilities - CVSS Score 9 - 10