Oracle Hospitality Reporting And Analytics vulnerabilities

CVE-2023-21826 [HIGH] CVE-2023-21826: Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Hospitality Reporting and Analytics. Successful attacks requi

CVE-2023-21828 [HIGH] CWE-284 CVE-2023-21828: Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Hospitality Reporting and Analytics. Successful attac

CVE-2021-2351 [HIGH] CWE-327 CVE-2021-2351: Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versi Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a perso

CVE-2021-2395 [HIGH] CVE-2021-2395: Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: iCare, Configuration). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attac

CVE-2021-1997 [HIGH] CVE-2021-1997: Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Report). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vul

CVE-2020-14753 [MEDIUM] CVE-2020-14753: Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Or

CVE-2020-14543 [HIGH] CVE-2020-14543: Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Orac

CVE-2020-2746 [HIGH] CVE-2020-2746: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of th

CVE-2019-10219 [MEDIUM] CWE-79 CVE-2019-10219: A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properl A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

CVE-2019-2934 [HIGH] CVE-2019-2934: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successf

CVE-2019-2937 [HIGH] CVE-2019-2937: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successf

CVE-2019-2936 [MEDIUM] CVE-2019-2936: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Difficult to exploit vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Succ

CVE-2019-10086 [HIGH] CWE-502 CVE-2019-10086: In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressi In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

CVE-2019-2401 [HIGH] CVE-2019-2401: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of th

CVE-2019-2407 [MEDIUM] CVE-2019-2407: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Ora

CVE-2019-2425 [MEDIUM] CVE-2019-2425: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can

CVE-2019-2397 [MEDIUM] CVE-2019-2397: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Ora

CVE-2018-3128 [HIGH] CVE-2018-3128: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverag Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of thi

CVE-2018-2803 [HIGH] CVE-2018-2803: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulne

CVE-2018-2650 [HIGH] CVE-2018-2650: Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of