{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T03:08:54.442","vulnerabilities":[{"cve":{"id":"CVE-2018-2956","sourceIdentifier":"secalert_us@oracle.com","published":"2018-07-18T13:29:03.147","lastModified":"2024-11-21T04:04:50.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to compromise Oracle Hospitality OPERA 5 Property Services. While the vulnerability is in Oracle Hospitality OPERA 5 Property Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality OPERA 5 Property Services. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."},{"lang":"es","value":"Vulnerabilidad en el componente Oracle Hospitality OPERA 5 Property Services de Oracle Hospitality Applications (subcomponente: Integration). La versión compatible afectada es la 5.5.x. Una vulnerabilidad difícilmente explotable permite que un atacante no autenticado que consiga iniciar sesión en la infraestructura en la que se ejecuta Oracle Hospitality OPERA 5 Property Services comprometa la seguridad de Oracle Hospitality OPERA 5 Property Services. Aunque la vulnerabilidad está presente en Oracle Hospitality OPERA 5 Property Services, los ataques podrían afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en la toma de control de Oracle Hospitality OPERA 5 Property Services. CVSS 3.0 Base Score 8.1 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hospitality_opera_property_management:5.5:*:*:*:*:*:*:*","matchCriteriaId":"658CB5F0-0EEE-442D-AD3F-7DA1EA3040D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hospitality_opera_property_management:5.5.1:*:*:*:*:*:*:*","matchCriteriaId":"61EAA11B-6F62-437E-A96C-A8BC8B4C82F6"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104818","source":"secalert_us@oracle.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041300","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104818","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041300","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}