{"containers": {"cna": {"affected": [{"product": "Hospitality RES 3700", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "5.5"}]}], "datePublic": "2017-07-18T00:00:00", "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). The supported version that is affected is 5.5. Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality RES 3700 accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality RES 3700 accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality RES 3700. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L)."}], "problemTypes": [{"descriptions": [{"description": "Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality RES 3700 accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality RES 3700 accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality RES 3700.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-09T09:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "1038941", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038941"}, {"name": "99815", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99815"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2017-10225", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Hospitality RES 3700", "version": {"version_data": [{"version_affected": "=", "version_value": "5.5"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). The supported version that is affected is 5.5. Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality RES 3700 accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality RES 3700 accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality RES 3700. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality RES 3700 accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality RES 3700 accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality RES 3700."}]}]}, "references": {"reference_data": [{"name": "1038941", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038941"}, {"name": "99815", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99815"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T17:33:17.010Z"}, "title": "CVE Program Container", "references": [{"name": "1038941", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038941"}, {"name": "99815", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/99815"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2017-10225", "datePublished": "2017-08-08T15:00:00", "dateReserved": "2017-06-21T00:00:00", "dateUpdated": "2024-08-05T17:33:17.010Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:hospitality_res_3700:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "7FA0EDDA-0DBD-49B3-BC5C-5162FE6C17E9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). The supported version that is affected is 5.5. Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality RES 3700 accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality RES 3700 accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality RES 3700. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L)."}, {"lang": "es", "value": "Vulnerabilidad en el componente Oracle Hospitality RES 3700 de Oracle Hospitality Applications (subcomponente: OPS Operations). La versi\u00f3n compatible afectada es la 5.5. Una vulnerabilidad dif\u00edcilmente explotable permite el acceso f\u00edsico, lo que compromete la seguridad de Oracle Hospitality RES 3700. Aunque la vulnerabilidad est\u00e1 presente en Oracle Hospitality RES 3700, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en la creaci\u00f3n, supresi\u00f3n o modificaci\u00f3n sin autorizaci\u00f3n de datos de un nivel de importancia cr\u00edtico o de todos los datos accesibles de Oracle Hospitality RES 3700, as\u00ed como el acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Oracle Hospitality RES 3700. Adem\u00e1s, esto podr\u00eda dar lugar a que un atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Oracle Hospitality RES 3700. CVSS 3.0 Base Score 7.0 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L)."}], "id": "CVE-2017-10225", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 0.4, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-08T15:29:06.663", "references": [{"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99815"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038941"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}