cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-22085,https://securityvulnerability.io/vulnerability/CVE-2023-22085,Vulnerability in Oracle Hospitality OPERA 5 Property Services,"A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services, specifically in version 5.6, that allows a low privileged attacker with network access via HTTP to take control of the service. Successful exploitation of this vulnerability can lead to unauthorized access, compromising the confidentiality, integrity, and availability of the application. It underscores the need for prompt updates and diligent monitoring of network access to safeguard against potential threats.",Oracle,Hospitality Opera 5 Property Services,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-10-17T22:15:00.000Z,0
CVE-2023-22087,https://securityvulnerability.io/vulnerability/CVE-2023-22087,Authentication Flaw in Hospitality OPERA 5 Property Services by Oracle,"A network-based vulnerability in Oracle's Hospitality OPERA 5 Property Services allows an attacker with low privileges to exploit the affected system through HTTP. This flaw can lead to unauthorized control over the Hospitality OPERA 5 Property Services, which may compromise the security and integrity of sensitive data and operational functionalities. Users are urged to apply the recommended patches to mitigate risks associated with this vulnerability.",Oracle,Hospitality Opera 5 Property Services,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-10-17T22:15:00.000Z,0
CVE-2023-21932,https://securityvulnerability.io/vulnerability/CVE-2023-21932,Oracle Hospitality OPERA 5 Property Services Vulnerability Exposes Critical Data,"A vulnerability in Oracle Hospitality OPERA 5 Property Services could allow a high-privileged attacker with network access to HTTP interfaces to gain unauthorized access to sensitive data. Although primarily affecting OPERA 5, the implications of this vulnerability may extend to other related Oracle applications, emphasizing the risk of unauthorized data manipulation, including insert, delete, and update operations. Furthermore, the potential for a partial denial of service could disrupt operations, affecting both confidentiality and availability of data within the system.",Oracle,Hospitality Opera 5 Property Services,7.2,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2020-14877,https://securityvulnerability.io/vulnerability/CVE-2020-14877,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0009399999980814755,false,false,false,false,,false,false,2020-10-21T14:04:30.000Z,0
CVE-2020-14858,https://securityvulnerability.io/vulnerability/CVE-2020-14858,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality OPERA 5 Property Services. CVSS 3.1 Base Score 6.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Hospitality Opera 5 Property Services,6.8,MEDIUM,0.00279000005684793,false,false,false,false,,false,false,2020-10-21T14:04:29.000Z,0
CVE-2020-2677,https://securityvulnerability.io/vulnerability/CVE-2020-2677,,Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Login). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 5.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,5.7,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2020-01-15T16:34:06.000Z,0
CVE-2020-2675,https://securityvulnerability.io/vulnerability/CVE-2020-2675,,"Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Login). The supported version that is affected is 5.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,7.1,HIGH,0.0008900000248104334,false,false,false,false,,false,false,2020-01-15T16:34:06.000Z,0
CVE-2020-2676,https://securityvulnerability.io/vulnerability/CVE-2020-2676,,"Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Printing). The supported version that is affected is 5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality OPERA 5, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,6.1,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2020-01-15T16:34:06.000Z,0
CVE-2018-2956,https://securityvulnerability.io/vulnerability/CVE-2018-2956,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to compromise Oracle Hospitality OPERA 5 Property Services. While the vulnerability is in Oracle Hospitality OPERA 5 Property Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality OPERA 5 Property Services. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).",Oracle,Hospitality Opera 5 Property Services,8.1,HIGH,0.001069999998435378,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2018-3013,https://securityvulnerability.io/vulnerability/CVE-2018-3013,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Report Server Config). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0007900000200606883,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2018-3014,https://securityvulnerability.io/vulnerability/CVE-2018-3014,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Reports). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0007900000200606883,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2018-2957,https://securityvulnerability.io/vulnerability/CVE-2018-2957,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Logging). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,7.5,HIGH,0.001290000043809414,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2018-2955,https://securityvulnerability.io/vulnerability/CVE-2018-2955,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,5.3,MEDIUM,0.001129999989643693,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2017-10197,https://securityvulnerability.io/vulnerability/CVE-2017-10197,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Folios). The supported version that is affected is 5.4.2.x through 5.5.1.x. Easily exploitable vulnerability allows physical access to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,4.6,MEDIUM,0.0006300000241026282,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2017-10182,https://securityvulnerability.io/vulnerability/CVE-2017-10182,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Export Functionality). Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).",Oracle,Hospitality Opera 5 Property Services,4.4,MEDIUM,0.0009599999757483602,false,false,false,false,,false,false,2017-08-08T15:00:00.000Z,0
CVE-2017-3560,https://securityvulnerability.io/vulnerability/CVE-2017-3560,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OXI Interface). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",Oracle,Hospitality Opera 5 Property Services,4.3,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3552,https://securityvulnerability.io/vulnerability/CVE-2017-3552,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Room Image/Picture Setup). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",Oracle,Hospitality Opera 5 Property Services,4.3,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3573,https://securityvulnerability.io/vulnerability/CVE-2017-3573,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Printing). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality OPERA 5 Property Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,6.1,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3569,https://securityvulnerability.io/vulnerability/CVE-2017-3569,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Business Events). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,5.4,MEDIUM,0.0005499999970197678,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3568,https://securityvulnerability.io/vulnerability/CVE-2017-3568,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Printing and Login). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality OPERA 5 Property Services. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L).",Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0007999999797903001,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3574,https://securityvulnerability.io/vulnerability/CVE-2017-3574,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA License code configuration). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,7.1,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2016-5565,https://securityvulnerability.io/vulnerability/CVE-2016-5565,,"Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality via vectors related to OPERA.",Oracle,Hospitality Opera 5 Property Services,7.7,HIGH,0.0009500000160187483,false,false,false,false,,false,false,2016-10-25T14:00:00.000Z,0
CVE-2016-5563,https://securityvulnerability.io/vulnerability/CVE-2016-5563,,"Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote administrators to affect confidentiality, integrity, and availability via vectors related to OPERA.",Oracle,Hospitality Opera 5 Property Services,7.9,HIGH,0.005679999943822622,false,false,false,false,,false,false,2016-10-25T14:00:00.000Z,0
CVE-2016-5564,https://securityvulnerability.io/vulnerability/CVE-2016-5564,,"Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to OPERA.",Oracle,Hospitality Opera 5 Property Services,7.4,HIGH,0.0007800000021234155,false,false,false,false,,false,false,2016-10-25T14:00:00.000Z,0