CVE-2020-14810

4 documents4 sources
Severity
5.4MEDIUM
EPSS
0.6%
top 31.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Hospitality Suite8Oracle Corporation Hospitality Suite8
Timeline
PublishedOct 21
Latest updateMay 24

Description

Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect). Supported versions that are affected are 8.10.2 and 8.11-8.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

NVDoracle/hospitality_suite88.118.14+1
CVEListV5oracle_corporation/hospitality_suite88.10.2, 8.11-8.14+1

🔴Vulnerability Details

2
GHSA
GHSA-g29x-9pgw-4xv5: Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect)2022-05-24
CVEList
CVE-2020-14810: Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect)2020-10-21

📋Vendor Advisories

1
Oracle
Oracle Oracle Hospitality Applications Risk Matrix: WebConnect — CVE-2020-148102020-10-15
CVE-2020-14810 (MEDIUM CVSS 5.4) | Vulnerability in the Oracle Hospita | cvebase.io