CVE-2017-10383

Published: Oct 19, 2017Modified: May 13, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Guest Access. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Affected (2)

Products: Oracle: Hospitality Guest Access

1 product

Hospitality Guest Access

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Hospitality Guest Access	Version 4.2.0
Oracle Hospitality Guest Access	Version 4.2.1

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: secalert_us@oracle.com

PatchVendor Advisory

http://www.securityfocus.com/bid/101436

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/101436

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.