How severe is CVE-2017-10337?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2017-10337?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-10337 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Suite8 accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality Suite8. CVSS 3.0 Base Score 5.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L).

Related Vulnerabilities

CVE-2016-1786

MEDIUM

CVSS:5.4(Medium)

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the d...

CWE-2002016

CVE-2016-5014

MEDIUM

CVSS:5.4(Medium)

In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.

CWE-2002016

CVE-2018-10581

MEDIUM

CVSS:5.4(Medium)

In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated T...

CWE-2002018

CVE-2018-17091

MEDIUM

CVSS:5.4(Medium)

An issue was discovered in DonLinkage 6.6.8. It allows remote attackers to obtain potentially sensitive information via a direct request for files/temporary.txt.

CWE-2002018

CVE-2018-1999030

MEDIUM

CVSS:5.4(Medium)

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.j...

CWE-2002018

CVE-2018-8024

MEDIUM

CVSS:5.4(Medium)

In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be trick...

CWE-2002018