CVE-2017-10205
MEDIUMOracle Hospitality Applications <2.9 - Info Disclosure
Title source: llmDescription
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). The supported version that is affected is 2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Simphony accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Scores
CVSS v3
4.3
EPSS
0.0022
EPSS Percentile
44.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
Status
published
Products (2)
oracle/hospitality_simphony
Oracle Corporation/Hospitality Simphony
< 2.9
Published
Aug 08, 2017
Tracked Since
Feb 18, 2026