CVE-2019-2781

3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 45.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Hospitality Suite8Oracle Corporation Hospitality Suite8
Timeline
PublishedJul 23
Latest updateMay 24

Description

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: XML Interface). Supported versions that are affected are 8.9.6, 8.10.2 and 8.11-8.14. Easily exploitable vulnerability allows low privileged attacker with network access via TCP/IP to compromise Oracle Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suite8 accessible data. CVSS 3.0 B

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDoracle/hospitality_suite88.118.14+2
CVEListV5oracle_corporation/hospitality_suite88.10.2, 8.11-8.14, 8.9.6+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-32v5-9qwr-hx42: Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: XML Interface)2022-05-24
CVEList
CVE-2019-2781: Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: XML Interface)2019-07-23
CVE-2019-2781 (MEDIUM CVSS 6.5) | Vulnerability in the Oracle Hospita | cvebase.io