cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-21828,https://securityvulnerability.io/vulnerability/CVE-2023-21828,Vulnerability in Oracle Hospitality Reporting and Analytics,"An access control vulnerability exists in the Oracle Hospitality Reporting and Analytics component, part of the broader Oracle Food and Beverage Applications. This vulnerability allows low privileged attackers with network access via HTTPS to exploit the system. Successful exploitation may lead to unauthorized actions, including the creation, deletion, or modification of critical data, potentially compromising sensitive information entirely. This poses significant risks to data confidentiality and integrity, calling for immediate attention from affected users to mitigate potential exploits.",Oracle,Hospitality Reporting and Analytics,8.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2023-21826,https://securityvulnerability.io/vulnerability/CVE-2023-21826,Exploitable Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"A vulnerability in Oracle Hospitality Reporting and Analytics allows low-privileged attackers with network access via HTTPS to potentially compromise the system. Successful exploitation can lead to unauthorized access to sensitive data, providing attackers with the ability to update, insert, or delete accessible data. This vulnerability also enables attackers to trigger denial of service conditions, causing the application to crash or hang. Note that user interaction is required from a third party, making it crucial for users to remain vigilant.",Oracle,Hospitality Reporting and Analytics,7.6,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2021-2395,https://securityvulnerability.io/vulnerability/CVE-2021-2395,Vulnerability in Oracle Hospitality Reporting and Analytics of Oracle Food and Beverage Applications,"A security flaw in Oracle Hospitality Reporting and Analytics within Oracle Food and Beverage Applications allows low-privileged attackers with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, compromising the integrity and confidentiality of all accessible data. This highlights the necessity for organizations using this software to implement robust security measures to mitigate potential threats.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006799999973736703,false,,false,false,false,,,false,false,,2021-07-20T22:44:09.000Z,0
CVE-2021-1997,https://securityvulnerability.io/vulnerability/CVE-2021-1997,Unauthorized Access Vulnerability in Oracle Hospitality Reporting and Analytics,"A vulnerability exists in Oracle Hospitality Reporting and Analytics that permits low privileged attackers with network access via HTTP to compromise the system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, granting attackers access to sensitive information within the application. The affected version is 9.1.0, and it is crucial for users of Oracle's food and beverage solutions to assess their environments and implement necessary security measures to mitigate potential risks.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-01-20T14:49:59.000Z,0
CVE-2020-14753,https://securityvulnerability.io/vulnerability/CVE-2020-14753,Installation Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"A vulnerability exists in the Installation component of Oracle Hospitality Reporting and Analytics, impacting version 9.1.0. This security issue allows a low privileged attacker with access to the system to exploit the vulnerability and potentially gain unauthorized access to sensitive data. An essential aspect of this attack is that it requires human interaction from an individual other than the attacker. While the initial target is Oracle Hospitality Reporting and Analytics, the attack can have further implications on related products, exposing critical data and compromising data integrity.",Oracle,Hospitality Reporting And Analytics,5.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-10-21T14:04:23.000Z,0
CVE-2020-14616,https://securityvulnerability.io/vulnerability/CVE-2020-14616,Unauthorized Data Access Vulnerability in Oracle Hospitality Reporting and Analytics,"An unauthorized access vulnerability exists in Oracle Hospitality Reporting and Analytics, specifically in the Reporting component. This flaw can be exploited by attackers with high privileges and network access via HTTP. Successful exploitation can lead to unauthorized read access to sensitive data within Oracle Hospitality Reporting and Analytics, potentially compromising data confidentiality for users. Organizations using the affected version must implement security measures to safeguard against these risks.",Oracle,Hospitality Reporting And Analytics,2.7,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:30.000Z,0
CVE-2020-14594,https://securityvulnerability.io/vulnerability/CVE-2020-14594,High Privilege Vulnerability in Oracle Hospitality Reporting and Analytics,"A significant vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications, specifically concerning Inventory Integration. This flaw can be exploited by an attacker with high privileges who has the ability to log on to the infrastructure where the application operates. It allows them to potentially compromise the entire reporting and analytics system. Successfully executing an attack requires the interaction of a separate individual, thus highlighting the importance of user awareness and security protocols. If exploited, the attacker may gain control over the Oracle Hospitality Reporting and Analytics system, posing severe risks to data confidentiality, integrity, and availability.",Oracle,Hospitality Reporting And Analytics,6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14561,https://securityvulnerability.io/vulnerability/CVE-2020-14561,Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"An exploitable vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The affected version, 9.1.0, can be compromised by a low-privileged attacker who has access to the infrastructure where the application runs. Successful exploitation necessitates human interaction from an external individual. This vulnerability poses risks including unauthorized access that can lead to a complete takeover of the Oracle Hospitality Reporting and Analytics system.",Oracle,Hospitality Reporting And Analytics,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-07-15T17:34:27.000Z,0
CVE-2020-14543,https://securityvulnerability.io/vulnerability/CVE-2020-14543,Vulnerability in Oracle Food and Beverage Applications Affects Hospitality Reporting and Analytics,"A vulnerability exists within Oracle Hospitality Reporting and Analytics that could allow a low-privileged attacker, with their own login credentials, to exploit the system. This exploitation requires a third party's interaction and could result in unauthorized access, thereby compromising the integrity and confidentiality of the application. Affected users should take immediate action to mitigate potential threats and protect sensitive data.",Oracle,Hospitality Reporting And Analytics,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-07-15T17:34:26.000Z,0
CVE-2020-2746,https://securityvulnerability.io/vulnerability/CVE-2020-2746,Vulnerability in Oracle Hospitality Reporting and Analytics Component of Oracle Food and Beverage Applications,"A flaw in Oracle Hospitality Reporting and Analytics allows a low privileged attacker with administrative privileges and network access via HTTP to exploit the system. This vulnerability enables unauthorized users to create, delete, or modify critical data within the application. Such exploitations can lead to significant security breaches, resulting in unauthorized access to sensitive data. As a consequence, the compromised data integrity and confidentiality can pose severe risks to organizations relying on these applications for their operational needs. It is crucial for users to apply necessary patches and safeguards to mitigate the risk associated with this vulnerability.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-04-15T13:29:44.000Z,0
CVE-2019-2952,https://securityvulnerability.io/vulnerability/CVE-2019-2952,Vulnerability in Oracle Hospitality Reporting and Analytics for Food and Beverage Applications,"This vulnerability exists within the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications, specifically in version 9.1.0. It enables an unauthenticated attacker with network access via HTTP to compromise the system. Although the exploit requires human interaction from someone other than the attacker, it poses a significant risk by allowing unauthorized updates, inserts, or deletions of accessible data. Additionally, the exploit can lead to unauthorized reading of certain data within the system, potentially impacting the data integrity and confidentiality across associated products.",Oracle,Hospitality Reporting And Analytics,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-10-16T17:40:56.000Z,0
CVE-2019-2947,https://securityvulnerability.io/vulnerability/CVE-2019-2947,SQL Injection Vulnerability in Oracle Hospitality Reporting and Analytics,"A SQL injection vulnerability exists within the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. This flaw allows a low privileged attacker with Inventory Integration privileges and network access through HTTP to manipulate the system. If exploited, this could lead to unauthorized access to sensitive information, including critical data, as well as potential unauthorized updates, inserts, or deletions of accessible records. Organizations using the affected version should take immediate steps to mitigate this risk to safeguard their data and ensure system integrity.",Oracle,Hospitality Reporting And Analytics,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2937,https://securityvulnerability.io/vulnerability/CVE-2019-2937,Exploitable Vulnerability in Oracle Food and Beverage Applications Reporting and Analytics,"An exploitable vulnerability exists within the Reporting and Analytics component of Oracle's Food and Beverage Applications. This security flaw allows a low-privileged attacker with Admin - Configuration privileges and network access via HTTP to manipulate the affected system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, granting the attacker extensive access to sensitive information. Entities using version 9.1.0 must take immediate actions to secure their environments to mitigate potential risks.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2936,https://securityvulnerability.io/vulnerability/CVE-2019-2936,Vulnerability in Oracle Hospitality Reporting and Analytics Component,"A vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications, specifically version 9.1.0. This flaw can be exploited by an attacker with low privileges who has Admin - Configuration rights and network access via HTTP. By leveraging this vulnerability, the attacker could unauthorizedly create, delete, or modify access to critical data within Oracle Hospitality Reporting and Analytics, leading to potential information exposure and integrity issues. Such exploitation poses significant risks to sensitive operational data and overall system integrity.",Oracle,Hospitality Reporting And Analytics,6.8,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2934,https://securityvulnerability.io/vulnerability/CVE-2019-2934,Vulnerability in Oracle Hospitality Reporting and Analytics Affects Oracle Food and Beverage Applications,"A vulnerability exists in the Oracle Hospitality Reporting and Analytics component, which allows low privileged attackers with Admin - Configuration privileges to exploit the system via HTTP. This could potentially lead to unauthorized creation, modification, or deletion of critical data, compromising the integrity and confidentiality of all accessible data within Oracle Hospitality Reporting and Analytics.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2401,https://securityvulnerability.io/vulnerability/CVE-2019-2401,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2407,https://securityvulnerability.io/vulnerability/CVE-2019-2407,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2397,https://securityvulnerability.io/vulnerability/CVE-2019-2397,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,4.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2425,https://securityvulnerability.io/vulnerability/CVE-2019-2425,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-3128,https://securityvulnerability.io/vulnerability/CVE-2018-3128,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion, or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2018-2803,https://securityvulnerability.io/vulnerability/CVE-2018-2803,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2669,https://securityvulnerability.io/vulnerability/CVE-2018-2669,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2018-2650,https://securityvulnerability.io/vulnerability/CVE-2018-2650,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,7.1,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2017-10404,https://securityvulnerability.io/vulnerability/CVE-2017-10404,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. While the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L).",Oracle,Hospitality Reporting And Analytics,9.9,CRITICAL,0.0035500000230968,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10402,https://securityvulnerability.io/vulnerability/CVE-2017-10402,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. While the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",Oracle,Hospitality Reporting And Analytics,10,CRITICAL,0.007369999773800373,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0