cvelist/2017/10xxx/CVE-2017-10383.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "secalert_us@oracle.com",
      "ID" : "CVE-2017-10383",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Hospitality Guest Access",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_affected" : "=",
                                 "version_value" : "4.2.0"
                              },
                              {
                                 "version_affected" : "=",
                                 "version_value" : "4.2.1"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Oracle Corporation"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Guest Access. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Guest Access.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data."
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
         },
         {
            "url" : "http://www.securityfocus.com/bid/101436"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
- Synchronized data. 2017-10-19 13:07:28 -04:00			`"ASSIGNER" : "secalert_us@oracle.com",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"ID" : "CVE-2017-10383",`
- Synchronized data. 2017-10-19 13:07:28 -04:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
- Synchronized data. 2017-10-20 06:03:56 -04:00			`"product_name" : "Hospitality Guest Access",`
- Synchronized data. 2017-10-19 13:07:28 -04:00			`"version" : {`
			`"version_data" : [`
			`{`
- Synchronized data. 2017-10-20 06:03:56 -04:00			`"version_affected" : "=",`
			`"version_value" : "4.2.0"`
			`},`
			`{`
			`"version_affected" : "=",`
			`"version_value" : "4.2.1"`
- Synchronized data. 2017-10-19 13:07:28 -04:00			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
- Synchronized data. 2017-10-20 06:03:56 -04:00			`"vendor_name" : "Oracle Corporation"`
- Synchronized data. 2017-10-19 13:07:28 -04:00			`}`
			`]`
			`}`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Synchronized data. 2017-10-19 13:07:28 -04:00			"value" : "Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Guest Access. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
- Synchronized data. 2017-10-20 06:03:56 -04:00			`"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Guest Access. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data."`
- Synchronized data. 2017-10-19 13:07:28 -04:00			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
			`"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"`
- Synchronized data. 2017-10-20 07:04:28 -04:00			`},`
			`{`
			`"url" : "http://www.securityfocus.com/bid/101436"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`