CVE-2017-10182

MEDIUM

Oracle Hospitality OPERA <5.4.0 - Unauthorized Access

Title source: llm

Description

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Export Functionality). Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).

References (3)

Scores

CVSS v3 4.4
EPSS 0.0059
EPSS Percentile 68.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Details

Status published
Products (6)
oracle/hospitality_opera_5_property_services
oracle/hospitality_opera_5_property_services
oracle/hospitality_opera_5_property_services
Oracle Corporation/Hospitality OPERA 5 Property Services < 5.4.0.x
Oracle Corporation/Hospitality OPERA 5 Property Services < 5.4.1.x
Oracle Corporation/Hospitality OPERA 5 Property Services < 5.4.3.x
Published Aug 08, 2017
Tracked Since Feb 18, 2026