CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-10232

Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Supported versions that are affected are 8.9.6 and 8.10.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Hospitality WebSuite8 Cloud Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hospitality WebSuite8 Cloud Service accessible data as well as unauthorized update, insert or delete access to some of Hospitality WebSuite8 Cloud Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Hospitality WebSuite8 Cloud Service. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.6%

CVSS Severity

CVSS v3 Score 7.6

CVSS v2 Score 6.5

References

Products affected by CVE-2017-10232

Oracle » Hospitality Websuite8 Cloud Service » Version: 8.10.0

cpe:2.3:a:oracle:hospitality_websuite8_cloud_service:8.10.0
Oracle » Hospitality Websuite8 Cloud Service » Version: 8.10.1

cpe:2.3:a:oracle:hospitality_websuite8_cloud_service:8.10.1
Oracle » Hospitality Websuite8 Cloud Service » Version: 8.10.2

cpe:2.3:a:oracle:hospitality_websuite8_cloud_service:8.10.2
Oracle » Hospitality Websuite8 Cloud Service » Version: 8.9.6

cpe:2.3:a:oracle:hospitality_websuite8_cloud_service:8.9.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-10232

Products

Pricing

Contact Us