Oracle Hospitality Cruise Fleet Management Remote Information Leakage Vulnerability (CVE-2018-2697)
Oracle Hospitality Cruise Fleet Management Remote Information Leakage Vulnerability (CVE-2018-2697)
Release date:
Updated on:
Affected Systems:
Oracle Hospitality Cruise Fleet Management 9.0.4.0
Description:
Bugtraq id: 102533
CVE (CAN) ID: CVE-2018-2697
Oracle Hospitality is a solution for the hotel catering industry.
The Oracle Hospitality Cruise Fleet Management component 9.0.4.0 has a security vulnerability. After successful exploitation, unauthenticated attackers can exploit this vulnerability to create, delete, or modify key data without authorization.
<* Source: Oracle
*>
Suggestion:
Vendor patch:
Oracle
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.oracle.com/index.html
Http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html