漏洞类别:CGI
漏洞等级: 
漏洞信息
Oracle Hospitality OPERA Cloud Services is an enterprise platform for hotel operations and distribution. It offers the comprehensive, next-generation capabilities hotels need to enhance guest experiences and improve operating efficiency.
Oracle Opera is prone to multiple vulnerabilities which includes Session Hijacking, Exposed Database Credentials and Remote Command Execution.
Affected Versions:
Oracle Opera versions 5.4.0.0 through 5.4.3.0
Oracle Opera versions 5.5.0.0 through 5.5.1.0
漏洞危害
Depending on the vulnerability being exploited, a remote, unauthenticated attacker could hijack a user's session, steal database credentials and/or execute arbitrary commands on the system.
解决方案
The vendor has released a patch for this issue. Refer to CPUOCT2016 for more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论