CVE-2018-2852 is a vulnerability in Oracle Hospitality Guest Access
Published on April 19, 2018
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Guest Access. While the vulnerability is in Oracle Hospitality Guest Access, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Guest Access accessible data as well as unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N).
Products Associated with CVE-2018-2852
Want to know whenever a new CVE is published for Oracle Hospitality Guest Access? stack.watch will email you.
Affected Versions
Oracle Corporation Hospitality Guest Access:- Version 4.2.0 is affected.
- Version 4.2.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.