Hospitality Guest Access Security Vulnerabilities and Issues — Hospitality Guest Access CVE List

Lucene search

OracleHospitality Guest Access

10 matches found

CVE•added 2017/10/04 1:29 a.m.•1467 views

CVE-2017-12617

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted ...

8.1CVSS7.5AI score0.94394EPSS

CVE•added 2017/04/06 9:59 p.m.•981 views

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency wit...

9.8CVSS8AI score0.94003EPSS

CVE•added 2017/06/16 9:29 p.m.•159 views

CVE-2017-9735

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

7.5CVSS7.3AI score0.00522EPSS

CVE•added 2017/10/19 5:29 p.m.•42 views

CVE-2017-10370

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospit...

6.9CVSS6.6AI score0.00308EPSS

CVE•added 2017/08/08 3:29 p.m.•41 views

CVE-2017-10218

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hos...

4.3CVSS3.4AI score0.00223EPSS

CVE•added 2017/10/19 5:29 p.m.•41 views

CVE-2017-10375

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospita...

4.9CVSS4AI score0.00185EPSS

CVE•added 2017/08/08 3:29 p.m.•40 views

CVE-2017-10219

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospita...

5.5CVSS5.3AI score0.00121EPSS

CVE•added 2017/10/19 5:29 p.m.•40 views

CVE-2017-10383

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle H...

5.3CVSS4.4AI score0.0048EPSS

CVE•added 2017/10/19 5:29 p.m.•36 views

CVE-2017-10372

8.7CVSS8AI score0.00346EPSS

CVE•added 2017/08/08 3:29 p.m.•35 views

CVE-2017-10217

4.3CVSS3.8AI score0.00405EPSS