Oracle Hospitality Simphony Vulnerability (CVE-2024-20997) – Critical

2024-11-27

:

A critical vulnerability (CVE-2024-20997) exists in Oracle Hospitality Simphony (versions 19.1.0-19.5.4). This vulnerability allows low-privileged attackers with network access to compromise the system completely.

Vulnerability Details:

Platform: Oracle Hospitality Simphony (component: Simphony Enterprise Server)
Version: 19.1.0 – 19.5.4
Vulnerability: Easily exploitable via HTTP
Severity: Critical (CVSS 3.1 Base Score: 9.9)
Date: April 16, 2024 (published by NIST)

What Undercode Says:

This is a critical vulnerability that can be exploited with ease. If you are using Oracle Hospitality Simphony, it is crucial to patch your system immediately. Oracle likely released a patch to address this vulnerability in April 2024. Check with Oracle for the latest updates and apply them as soon as possible.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top