Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CVE# Product Component Protocol Remote
- Exploit
- without
- Auth.? CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) Supported Versions Affected Notes
- Base
- Score Attack
- Vector Attack
- Complex Privs
- Req'd User
- Interact Scope Confid-
- entiality Inte-
- grity Avail-
- ability
- CVE-2018-2697 Oracle Hospitality Cruise Fleet Management Emergency Response System HTTP Yes 9.1 Network Low None None Un-
- changed High High None 9.0.4.0
- CVE-2017-0781 MICROS Handheld Terminal MC40 Zebra Handheld unit Bluetooth Yes 8.8 Adjacent
- Network Low None None Un-
- changed High High High Prior to BSP 02.13.0701 (070116)
- CVE-2018-2608 Oracle Hospitality Simphony Security HTTP Yes 8.6 Network Low None None Changed High None None 2.7
- CVE-2018-2597 Oracle Hospitality Cruise Dining Room Management SilverWhere HTTP Yes 8.2 Network Low None Required Changed High Low None 8.0.78
- CVE-2018-2621 Oracle Hospitality Cruise Shipboard Property Management System Mobile Gangway and Mustering HTTP Yes 8.2 Network Low None None Un-
- changed High Low None 7.3.874
- CVE-2017-13077 MICROS Handheld Terminal MC40 Zebra Handheld unit WiFi Yes 8.1 Adjacent
- Network Low None None Un-
- changed High High None Prior to BSP 02.13.0701 (070116)
- CVE-2017-12617 Oracle Hospitality Guest Access Base (Apache Tomcat) HTTP Yes 8.1 Network High None None Un-
- changed High High High 4.2.0, 4.2.1
- CVE-2018-2666 Oracle Hospitality Labor Management Webservice Endpoint HTTP No 8.1 Network Low Low None Un-
- changed High High None 8.5.1, 9.0.0
- CVE-2018-2636 Oracle Hospitality Simphony Security HTTP Yes 8.1 Network High None None Un-
- changed High High High 2.7, 2.8, 2.9
- CVE-2018-2701 Oracle Hospitality Cruise Fleet Management Emergency Response System HTTP No 7.6 Network Low Low Required Changed High Low None 9.0.4.0
- CVE-2018-2700 Oracle Hospitality Cruise Fleet Management Emergency Response System HTTP Yes 7.5 Network Low None None Un-
- changed High None None 9.0.4.0
- CVE-2018-2604 Oracle Hospitality Guest Access Base HTTP Yes 7.5 Network Low None None Un-
- changed High None None 4.2.1
- CVE-2018-2589 Oracle Hospitality Simphony Enterprise Server HTTP Yes 7.5 Network Low None None Un-
- changed High None None 2.7, 2.8, 2.9
- CVE-2018-2672 Oracle Hospitality Simphony POS HTTP Yes 7.5 Network Low None None Un-
- changed High None None 2.7, 2.8, 2.9
- CVE-2018-2683 Oracle Hospitality Simphony POS HTTP Yes 7.5 Network Low None None Un-
- changed None None High 2.7, 2.8, 2.9
- CVE-2018-2650 Oracle Hospitality Reporting and Analytics Report HTTP No 7.1 Network Low Low None Un-
- changed Low High None 8.5.1, 9.0.0
- CVE-2018-2619 Oracle Hospitality Simphony Security HTTP No 6.5 Network Low Low None Un-
- changed High None None 2.7
- CVE-2018-2606 Oracle Hospitality Guest Access Base None No 6.2 Local Low None None Un-
- changed High None None 4.2.0, 4.2.1
- CVE-2018-2669 Oracle Hospitality Reporting and Analytics Report HTTP Yes 6.1 Network Low None Required Changed Low Low None 8.5.1, 9.0.0
- CVE-2018-2673 Oracle Hospitality Simphony POS HTTP Yes 5.9 Network High None None Un-
- changed High None None 2.7, 2.8, 2.9
- CVE-2018-2607 Oracle Hospitality Guest Access Base HTTP No 4.9 Network Low High None Un-
- changed None None High 4.2.1
- Additional CVEs addressed are below:
- The fix for CVE-2017-0781 also addresses CVE-2017-0782, CVE-2017-0783 and CVE-2017-0785.
- The fix for CVE-2017-13077 also addresses CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081 and CVE-2017-13082.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement