CVE-2020-14807

4 documents4 sources
Severity
7.1HIGH
EPSS
1.6%
top 18.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Hospitality SuiteOracle Corporation Hospitality Suite8
Timeline
PublishedOct 21
Latest updateMay 24

Description

Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect). Supported versions that are affected are 8.10.2 and 8.11-8.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages2 packages

CVEListV5oracle_corporation/hospitality_suite88.10.2, 8.11-8.14+1
NVDoracle/hospitality_suite8.118.14+1

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-9pv3-28r4-ch49: Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect)2022-05-24
CVEList
CVE-2020-14807: Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect)2020-10-21

📋Vendor Advisories

1
Oracle
Oracle Oracle Hospitality Applications Risk Matrix: WebConnect — CVE-2020-148072020-10-15
CVE-2020-14807 (HIGH CVSS 7.1) | Vulnerability in the Oracle Hospita | cvebase.io