CNNVD-202601-3139 Information
CNNVD ID
CNNVD-202601-3139
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
Oracle Hospitality Applications是美国甲骨文(Oracle)公司的一套用于酒店管理的业务应用程序、服务器和存储解决方案。该产品提供人力资源成本管理、提供客户整个旅途中服务的跟踪管理来提高客户满意度等功能。 Oracle Hospitality Applications的Oracle Hospitality OPERA 5 Property Services存在安全漏洞,该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击,可能导致未经授权的数据更新、插入、删除和读取。以下版本受到影响5.6.19.23版本、5.6.25.17版本、5.6.26.10版本和5.6.27.4版本。
Description (English)
Oracle Hospitality Applications is a business application, server and storage solution for hotel management for Oracle, United States. The product provides functions such as human resources cost management, tracking of services throughout the travel of clients to improve client satisfaction. There is a security loophole in Oracle Hospitality Application 5 Property Services, which originates from uncertified attackers who can attack via the HTTP network and may lead to unauthorized data updating, insertion, deletion and reading. The following versions were affected by versions 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
甲骨文
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpujan2026.html https://access.redhat.com/security/cve/cve-2026-21966
Patch
https://www.oracle.com/security-alerts/cpujan2026.html
Share on: