Vulnerability CVE-2017-10168

Vulnerability CVE-2017-10168

Published: 2017-08-08

Description:

Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite 8/Windows). The supported version that is affected is 1.1. Difficult to exploit vulnerability allows physical access to compromise Hospitality Hotel Mobile. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hospitality Hotel Mobile accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Hospitality Hotel Mobile. CVSS 3.0 Base Score 4.6 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L).

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:N/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
3.3/10	4.9/10	3.4/10

Exploit range	Attack complexity	Authentication
Local	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	None	Partial

Affected software
Oracle -> Hospitality hotel mobile

References:

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.securityfocus.com/bid/99841

http://www.securitytracker.com/id/1038941

Copyright 2024, cxsecurity.com