-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0117
            Security Advisory: Oracle Hospitality Applications
                               20 July 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Oracle Hospitality Hotel Mobile
                      Oracle Hospitality Property Interfaces
                      Oracle Hospitality Suite8
                      Oracle Hospitality WebSuite8 Cloud Service
                      Oracle MICROS BellaVita
                      Oracle MICROS PC Workstation 2015
                      Oracle MICROS Workstation 650
                      Oracle Hospitality 9700
                      Oracle Hospitality Cruise AffairWhere
                      Oracle Hospitality Cruise Dining Room Management
                      Oracle Hospitality Cruise Fleet Management
                      Oracle Hospitality Cruise Materials Management
                      Oracle Hospitality Cruise Shipboard Property Management System
                      Oracle Hospitality e7
                      Oracle Hospitality Guest Access
                      Oracle Hospitality Inventory Management
                      Oracle Hospitality Materials Control
                      Oracle Hospitality OPERA 5 Property Services
                      Oracle Hospitality Reporting and Analytics
                      Oracle Hospitality RES 3700
                      Oracle Hospitality Simphony
                      Oracle Hospitality Suites Management
                      Oracle Payment Interface
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
                      Mobile Device
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Access Privileged Data          -- Remote/Unauthenticated
                      Modify Arbitrary Files          -- Remote/Unauthenticated
                      Delete Arbitrary Files          -- Remote/Unauthenticated
                      Denial of Service               -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2017-10232 CVE-2017-10231 CVE-2017-10230
                      CVE-2017-10229 CVE-2017-10228 CVE-2017-10226
                      CVE-2017-10225 CVE-2017-10224 CVE-2017-10223
                      CVE-2017-10222 CVE-2017-10221 CVE-2017-10220
                      CVE-2017-10219 CVE-2017-10218 CVE-2017-10217
                      CVE-2017-10216 CVE-2017-10213 CVE-2017-10212
                      CVE-2017-10211 CVE-2017-10208 CVE-2017-10207
                      CVE-2017-10206 CVE-2017-10205 CVE-2017-10201
                      CVE-2017-10200 CVE-2017-10195 CVE-2017-10189
                      CVE-2017-10188 CVE-2017-10182 CVE-2017-10169
                      CVE-2017-10168 CVE-2017-10142 CVE-2017-10136
                      CVE-2017-10133 CVE-2017-10132 CVE-2017-10128
                      CVE-2017-10097 CVE-2017-10079 CVE-2017-10076
                      CVE-2017-10069 CVE-2017-10056 CVE-2017-10047
                      CVE-2017-10044 CVE-2017-10002 CVE-2017-10001
                      CVE-2017-10000 CVE-2017-5689 
Member content until: Saturday, August 19 2017
Reference:            ESB-2017.1357

OVERVIEW

        Multiple vulnerabilities have been identified in Oracle Hospitality
        Applications products:
        
         - Hospitality Hotel Mobile, versions 1.01, 1.05, 1.1
        
         - Hospitality Property Interfaces, version 8.10.x
        
         - Hospitality Suite8, version 8.10.x
        
         - Hospitality WebSuite8 Cloud Service, versions 8.9.6, 8.10.x
        
         - MICROS BellaVita, version 2.7.x
        
         - MICROS PC Workstation 2015, versions Prior to O1302h
        
         - MICROS Workstation 650, versions Prior to E1500n
        
         - Oracle Hospitality 9700, version 4.0
        
         - Oracle Hospitality Cruise AffairWhere, version 2.2.05.062
        
         - Oracle Hospitality Cruise Dining Room Management, version 8.0.75
        
         - Oracle Hospitality Cruise Fleet Management, version 9.0
        
         - Oracle Hospitality Cruise Materials Management, version 7.30.562
        
         - Oracle Hospitality Cruise Shipboard Property Management System,
           version 8.0.0.0
        
         - Oracle Hospitality e7, version 4.2.1
        
         - Oracle Hospitality Guest Access, versions 4.2.0.0, 4.2.1.0
        
         - Oracle Hospitality Inventory Management, versions 8.5.1, 9.0.0
        
         - Oracle Hospitality Materials Control, versions 8.31.4, 8.32.0
        
         - Oracle Hospitality OPERA 5 Property Services, versions 5.4.0.x,
           5.4.1.x, 5.4.3.x
        
         - Oracle Hospitality Reporting and Analytics, versions 8.5.1, 9.0.0
        
         - Oracle Hospitality RES 3700, version 5.5
        
         - Oracle Hospitality Simphony, versions 2.8, 2.9
        
         - Oracle Hospitality Simphony First Edition, version 1.7.1
        
         - Oracle Hospitality Simphony First Edition Venue Management,
           version 3.9
        
         - Oracle Hospitality Suites Management, version 3.7
        
         - Oracle Payment Interface, version 6.1.1 [1]


IMPACT

        The vendor has provided the following information regarding the
        vulnerabilities.
        
        "This Critical Patch Update contains 48 new security fixes for Oracle
        Hospitality Applications. 11 of these vulnerabilities may be 
        remotely exploitable without authentication, i.e., may be exploited
        over a network without requiring user credentials." [1]
        
        "CVE-2017-5689
        
        9.8
        
        AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        
        The supported version that is affected is Prior to O1302h. Easily 
        exploitable vulnerability allows unauthenticated attacker with 
        network access via HTTP to compromise MICROS PC Workstation 2015. 
        Successful attacks of this vulnerability can result in takeover of 
        MICROS PC Workstation 2015. Note: MICROS PC Workstation 2015 systems
        with Intel ME firmware 6.2.61.3535 or later are not affected by this
        issue. See Patch Availability document for MICROS PC Workstation 
        2015 for identifying the Intel ME firmware version on this device.
        
        CVE-2017-10000
        
        7.7
        
        AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
        
        Supported versions that are affected are 8.5.1 and 9.0.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Reporting 
        and Analytics. While the vulnerability is in Oracle Hospitality 
        Reporting and Analytics, attacks may significantly impact additional
        products. Successful attacks of this vulnerability can result in 
        unauthorized ability to cause a hang or frequently repeatable crash
        (complete DOS) of Oracle Hospitality Reporting and Analytics.
        
        CVE-2017-10232
        
        7.6
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
        
        Supported versions that are affected are 8.9.6 and 8.10.x. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Hospitality WebSuite8 Cloud 
        Service. Successful attacks of this vulnerability can result in 
        unauthorized access to critical data or complete access to all 
        Hospitality WebSuite8 Cloud Service accessible data as well as 
        unauthorized update, insert or delete access to some of Hospitality
        WebSuite8 Cloud Service accessible data and unauthorized ability to
        cause a partial denial of service (partial DOS) of Hospitality 
        WebSuite8 Cloud Service.
        
        CVE-2017-10001
        
        7.6
        
        AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H
        
        The supported version that is affected is 1.7.1. Easily exploitable
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Oracle Hospitality Simphony First Edition. 
        Successful attacks require human interaction from a person other 
        than the attacker. Successful attacks of this vulnerability can 
        result in unauthorized access to critical data or complete access to
        all Oracle Hospitality Simphony First Edition accessible data as 
        well as unauthorized update, insert or delete access to some of 
        Oracle Hospitality Simphony First Edition accessible data and 
        unauthorized ability to cause a hang or frequently repeatable crash
        (complete DOS) of Oracle Hospitality Simphony First Edition.
        
        CVE-2017-10136
        
        7.5
        
        AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 2.9. Easily exploitable 
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise Oracle Hospitality Simphony. Successful 
        attacks of this vulnerability can result in unauthorized access to 
        critical data or complete access to all Oracle Hospitality Simphony
        accessible data.
        
        CVE-2017-10206
        
        7.3
        
        AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
        
        The supported version that is affected is 2.9. Easily exploitable 
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise Oracle Hospitality Simphony. Successful 
        attacks of this vulnerability can result in unauthorized update, 
        insert or delete access to some of Oracle Hospitality Simphony 
        accessible data as well as unauthorized read access to a subset of 
        Oracle Hospitality Simphony accessible data and unauthorized ability
        to cause a partial denial of service (partial DOS) of Oracle 
        Hospitality Simphony.
        
        CVE-2017-10226
        
        7.1
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
        
        The supported version that is affected is 9.0. Easily exploitable 
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Oracle Hospitality Cruise Fleet Management. 
        Successful attacks of this vulnerability can result in unauthorized
        access to critical data or complete access to all Oracle Hospitality
        Cruise Fleet Management accessible data as well as unauthorized 
        update, insert or delete access to some of Oracle Hospitality Cruise
        Fleet Management accessible data.
        
        CVE-2017-10225
        
        7.0
        
        AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
        
        The supported version that is affected is 5.5. Difficult to exploit
        vulnerability allows physical access to compromise Oracle 
        Hospitality RES 3700. While the vulnerability is in Oracle 
        Hospitality RES 3700, attacks may significantly impact additional 
        products. Successful attacks of this vulnerability can result in 
        unauthorized creation, deletion or modification access to critical 
        data or all Oracle Hospitality RES 3700 accessible data as well as 
        unauthorized access to critical data or complete access to all 
        Oracle Hospitality RES 3700 accessible data and unauthorized ability
        to cause a partial denial of service (partial DOS) of Oracle 
        Hospitality RES 3700.
        
        CVE-2017-10216
        
        6.5
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 8.10.x. Easily exploitable
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Hospitality Property Interfaces. Successful 
        attacks of this vulnerability can result in unauthorized access to 
        critical data or complete access to all Hospitality Property 
        Interfaces accessible data.
        
        CVE-2017-10212
        
        6.5
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 8.10.x. Easily exploitable
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Hospitality Suite8. Successful attacks of this 
        vulnerability can result in unauthorized access to critical data or
        complete access to all Hospitality Suite8 accessible data.
        
        CVE-2017-10047
        
        6.5
        
        AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
        
        The supported version that is affected is 2.7.x. Easily exploitable
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise MICROS BellaVita. Successful attacks of this
        vulnerability can result in unauthorized update, insert or delete 
        access to some of MICROS BellaVita accessible data as well as 
        unauthorized read access to a subset of MICROS BellaVita accessible
        data.
        
        CVE-2017-10224
        
        6.4
        
        AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
        
        Supported versions that are affected are 8.5.1 and 9.0.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Inventory 
        Management. While the vulnerability is in Oracle Hospitality 
        Inventory Management, attacks may significantly impact additional 
        products. Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Inventory Management accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Inventory
        Management accessible data.
        
        CVE-2017-10076
        
        6.4
        
        AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
        
        The supported version that is affected is 3.9. Easily exploitable 
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Oracle Hospitality Simphony First Edition Venue 
        Management. While the vulnerability is in Oracle Hospitality 
        Simphony First Edition Venue Management, attacks may significantly 
        impact additional products. Successful attacks of this vulnerability
        can result in unauthorized update, insert or delete access to some 
        of Oracle Hospitality Simphony First Edition Venue Management 
        accessible data as well as unauthorized read access to a subset of 
        Oracle Hospitality Simphony First Edition Venue Management 
        accessible data.
        
        CVE-2017-10211
        
        6.1
        
        AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
        
        The supported version that is affected is 8.10.x. Easily exploitable
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise Hospitality Suite8. Successful attacks 
        require human interaction from a person other than the attacker and
        while the vulnerability is in Hospitality Suite8, attacks may 
        significantly impact additional products. Successful attacks of this
        vulnerability can result in unauthorized update, insert or delete 
        access to some of Hospitality Suite8 accessible data as well as 
        unauthorized read access to a subset of Hospitality Suite8 
        accessible data.
        
        CVE-2017-10128
        
        6.1
        
        AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
        
        Supported versions that are affected are 8.9.6 and 8.10.x. Easily 
        exploitable vulnerability allows unauthenticated attacker with 
        network access via HTTP to compromise Hospitality WebSuite8 Cloud 
        Service. Successful attacks require human interaction from a person
        other than the attacker and while the vulnerability is in 
        Hospitality WebSuite8 Cloud Service, attacks may significantly 
        impact additional products. Successful attacks of this vulnerability
        can result in unauthorized update, insert or delete access to some 
        of Hospitality WebSuite8 Cloud Service accessible data as well as 
        unauthorized read access to a subset of Hospitality WebSuite8 Cloud
        Service accessible data.
        
        CVE-2017-10097
        
        6.1
        
        AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
        
        Supported versions that are affected are 8.5.1 and 9.0.0. Easily 
        exploitable vulnerability allows unauthenticated attacker with 
        network access via HTTP to compromise Oracle Hospitality Reporting 
        and Analytics. Successful attacks require human interaction from a 
        person other than the attacker and while the vulnerability is in 
        Oracle Hospitality Reporting and Analytics, attacks may 
        significantly impact additional products. Successful attacks of this
        vulnerability can result in unauthorized update, insert or delete 
        access to some of Oracle Hospitality Reporting and Analytics 
        accessible data as well as unauthorized read access to a subset of 
        Oracle Hospitality Reporting and Analytics accessible data.
        
        CVE-2017-10079
        
        6.1
        
        AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
        
        The supported version that is affected is 3.7. Easily exploitable 
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise Oracle Hospitality Suites Management. 
        Successful attacks require human interaction from a person other 
        than the attacker and while the vulnerability is in Oracle 
        Hospitality Suites Management, attacks may significantly impact 
        additional products. Successful attacks of this vulnerability can 
        result in unauthorized update, insert or delete access to some of 
        Oracle Hospitality Suites Management accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Suites 
        Management accessible data.
        
        CVE-2017-10188
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 1.01. Easily exploitable 
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Hospitality Hotel Mobile executes to compromise
        Hospitality Hotel Mobile. Successful attacks of this vulnerability 
        can result in unauthorized access to critical data or complete 
        access to all Hospitality Hotel Mobile accessible data.
        
        CVE-2017-10189
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 8.10.x. Easily exploitable
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Hospitality Suite8 executes to compromise 
        Hospitality Suite8. Successful attacks of this vulnerability can 
        result in unauthorized access to critical data or complete access to
        all Hospitality Suite8 accessible data.
        
        CVE-2017-10169
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 4.0. Easily exploitable 
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Oracle Hospitality 9700 executes to compromise
        Oracle Hospitality 9700. Successful attacks of this vulnerability 
        can result in unauthorized access to critical data or complete 
        access to all Oracle Hospitality 9700 accessible data.
        
        CVE-2017-10056
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 4.0. Easily exploitable 
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Oracle Hospitality 9700 executes to compromise
        Oracle Hospitality 9700. Successful attacks of this vulnerability 
        can result in unauthorized access to critical data or complete 
        access to all Oracle Hospitality 9700 accessible data.
        
        CVE-2017-10231
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 2.2.05.062. Easily 
        exploitable vulnerability allows low privileged attacker with logon
        to the infrastructure where Oracle Hospitality Cruise AffairWhere 
        executes to compromise Oracle Hospitality Cruise AffairWhere. 
        Successful attacks of this vulnerability can result in unauthorized
        access to critical data or complete access to all Oracle Hospitality
        Cruise AffairWhere accessible data.
        
        CVE-2017-10219
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily
        exploitable vulnerability allows low privileged attacker with logon
        to the infrastructure where Oracle Hospitality Guest Access executes
        to compromise Oracle Hospitality Guest Access. Successful attacks of
        this vulnerability can result in unauthorized access to critical 
        data or complete access to all Oracle Hospitality Guest Access 
        accessible data.
        
        CVE-2017-10201
        
        5.5
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 4.2.1. Easily exploitable
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Oracle Hospitality e7 executes to compromise 
        Oracle Hospitality e7. Successful attacks of this vulnerability can
        result in unauthorized access to critical data or complete access to
        all Oracle Hospitality e7 accessible data.
        
        CVE-2017-10230
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        The supported version that is affected is 8.0.75. Easily exploitable
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Oracle Hospitality Cruise Dining Room Management.
        Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Cruise Dining Room Management accessible data as well as
        unauthorized read access to a subset of Oracle Hospitality Cruise
        Dining Room Management accessible data.
        
        CVE-2017-10229
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        The supported version that is affected is 7.30.562. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Cruise 
        Materials Management. Successful attacks of this vulnerability can 
        result in unauthorized update, insert or delete access to some of 
        Oracle Hospitality Cruise Materials Management accessible data as 
        well as unauthorized read access to a subset of Oracle Hospitality 
        Cruise Materials Management accessible data.
        
        CVE-2017-10228
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        The supported version that is affected is 8.0.0.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Cruise 
        Shipboard Property Management System. Successful attacks of this 
        vulnerability can result in unauthorized update, insert or delete 
        access to some of Oracle Hospitality Cruise Shipboard Property 
        Management System accessible data as well as unauthorized read 
        access to a subset of Oracle Hospitality Cruise Shipboard Property 
        Management System accessible data.
        
        CVE-2017-10002
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        Supported versions that are affected are 8.5.1 and 9.0.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Inventory 
        Management. Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Inventory Management accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Inventory
        Management accessible data.
        
        CVE-2017-10222
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        Supported versions that are affected are 8.31.4 and 8.32.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Materials 
        Control. Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Materials Control accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Materials
        Control accessible data.
        
        CVE-2017-10223
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        Supported versions that are affected are 8.31.4 and 8.32.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Materials 
        Control. Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Materials Control accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Materials
        Control accessible data.
        
        CVE-2017-10142
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        Supported versions that are affected are 8.5.1 and 9.0.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Reporting 
        and Analytics. Successful attacks of this vulnerability can result 
        in unauthorized update, insert or delete access to some of Oracle 
        Hospitality Reporting and Analytics accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Reporting
        and Analytics accessible data.
        
        CVE-2017-10044
        
        5.4
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        Supported versions that are affected are 8.5.1 and 9.0.0. Easily 
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Reporting 
        and Analytics. Successful attacks of this vulnerability can result 
        in unauthorized update, insert or delete access to some of Oracle 
        Hospitality Reporting and Analytics accessible data as well as 
        unauthorized read access to a subset of Oracle Hospitality Reporting
        and Analytics accessible data.
        
        CVE-2017-10207
        
        5.3
        
        AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
        
        The supported version that is affected is 2.9. Easily exploitable 
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise Oracle Hospitality Simphony. Successful 
        attacks of this vulnerability can result in unauthorized ability to
        cause a partial denial of service (partial DOS) of Oracle 
        Hospitality Simphony.
        
        CVE-2017-10069
        
        5.3
        
        AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
        
        The supported version that is affected is 6.1.1. Difficult to 
        exploit vulnerability allows low privileged attacker with network 
        access via HTTP to compromise Oracle Payment Interface. Successful 
        attacks of this vulnerability can result in unauthorized access to 
        critical data or complete access to all Oracle Payment Interface 
        accessible data.
        
        CVE-2017-10221
        
        5.0
        
        AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
        
        The supported version that is affected is 5.5. Difficult to exploit
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Oracle Hospitality RES 3700 executes to 
        compromise Oracle Hospitality RES 3700. Successful attacks require 
        human interaction from a person other than the attacker and while 
        the vulnerability is in Oracle Hospitality RES 3700, attacks may 
        significantly impact additional products. Successful attacks of this
        vulnerability can result in unauthorized update, insert or delete 
        access to some of Oracle Hospitality RES 3700 accessible data as 
        well as unauthorized read access to a subset of Oracle Hospitality 
        RES 3700 accessible data and unauthorized ability to cause a partial
        denial of service (partial DOS) of Oracle Hospitality RES 3700.
        
        CVE-2017-10168
        
        4.6
        
        AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:L
        
        The supported version that is affected is 1.1. Difficult to exploit
        vulnerability allows physical access to compromise Hospitality Hotel
        Mobile. Successful attacks of this vulnerability can result in 
        unauthorized access to critical data or complete access to all 
        Hospitality Hotel Mobile accessible data and unauthorized ability to
        cause a partial denial of service (partial DOS) of Hospitality Hotel
        Mobile.
        
        CVE-2017-10182
        
        4.4
        
        AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
        
        Supported versions that are affected are 5.4.0.x, 5.4.1.x and 
        5.4.3.x. Difficult to exploit vulnerability allows high privileged 
        attacker with network access via HTTP to compromise Oracle 
        Hospitality OPERA 5 Property Services. Successful attacks of this 
        vulnerability can result in unauthorized access to critical data or
        complete access to all Oracle Hospitality OPERA 5 Property Services
        accessible data.
        
        CVE-2017-10200
        
        4.4
        
        AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
        
        The supported version that is affected is 4.2.1. Easily exploitable
        vulnerability allows low privileged attacker with logon to the 
        infrastructure where Oracle Hospitality e7 executes to compromise 
        Oracle Hospitality e7. Successful attacks of this vulnerability can
        result in unauthorized update, insert or delete access to some of 
        Oracle Hospitality e7 accessible data as well as unauthorized read 
        access to a subset of Oracle Hospitality e7 accessible data.
        
        CVE-2017-10133
        
        4.3
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
        
        The supported version that is affected is 1.1. Easily exploitable 
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Hospitality Hotel Mobile. Successful attacks of 
        this vulnerability can result in unauthorized update, insert or 
        delete access to some of Hospitality Hotel Mobile accessible data.
        
        CVE-2017-10132
        
        4.3
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
        
        The supported version that is affected is 1.05. Easily exploitable 
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Hospitality Hotel Mobile. Successful attacks of 
        this vulnerability can result in unauthorized update, insert or 
        delete access to some of Hospitality Hotel Mobile accessible data.
        
        CVE-2017-10217
        
        4.3
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
        
        Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Guest 
        Access. Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Guest Access accessible data.
        
        CVE-2017-10218
        
        4.3
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
        
        Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily
        exploitable vulnerability allows low privileged attacker with 
        network access via HTTP to compromise Oracle Hospitality Guest 
        Access. Successful attacks of this vulnerability can result in 
        unauthorized read access to a subset of Oracle Hospitality Guest 
        Access accessible data.
        
        CVE-2017-10205
        
        4.3
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
        
        The supported version that is affected is 2.9. Easily exploitable 
        vulnerability allows low privileged attacker with network access via
        HTTP to compromise Oracle Hospitality Simphony. Successful attacks 
        of this vulnerability can result in unauthorized read access to a 
        subset of Oracle Hospitality Simphony accessible data.
        
        CVE-2017-10195
        
        4.3
        
        AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
        
        The supported version that is affected is 2.8. Easily exploitable 
        vulnerability allows unauthenticated attacker with network access 
        via HTTP to compromise Oracle Hospitality Simphony. Successful 
        attacks require human interaction from a person other than the 
        attacker. Successful attacks of this vulnerability can result in 
        unauthorized update, insert or delete access to some of Oracle 
        Hospitality Simphony accessible data.
        
        CVE-2017-10208
        
        4.3
        
        AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
        
        The supported version that is affected is 4.2.1. Easily exploitable
        vulnerability allows low privileged attacker with network access via
        SMTP to compromise Oracle Hospitality e7. Successful attacks of this
        vulnerability can result in unauthorized read access to a subset of
        Oracle Hospitality e7 accessible data.
        
        CVE-2017-10220
        
        4.0
        
        AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        
        The supported version that is affected is 8.10.x. Easily exploitable
        vulnerability allows unauthenticated attacker with logon to the 
        infrastructure where Hospitality Property Interfaces executes to 
        compromise Hospitality Property Interfaces. Successful attacks of 
        this vulnerability can result in unauthorized read access to a 
        subset of Hospitality Property Interfaces accessible data.
        
        CVE-2017-10213
        
        4.0
        
        AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        
        The supported version that is affected is 8.10.x. Easily exploitable
        vulnerability allows unauthenticated attacker with logon to the 
        infrastructure where Hospitality Suite8 executes to compromise 
        Hospitality Suite8. Successful attacks of this vulnerability can 
        result in unauthorized read access to a subset of Hospitality Suite8
        accessible data." [2]


MITIGATION

        Oracle states:
        
        "Due to the threat posed by a successful attack, Oracle strongly 
        recommends that customers apply CPU fixes as soon as possible. Until
        you apply the CPU fixes, it may be possible to reduce the risk of 
        successful attack by blocking network protocols required by an 
        attack. For attacks that require certain privileges or access to 
        certain packages, removing the privileges or the ability to access 
        the packages from users that do not need the privileges may help 
        reduce the risk of successful attack. Both approaches may break 
        application functionality, so Oracle strongly recommends that 
        customers test changes on non-production systems. Neither approach 
        should be considered a long-term solution as neither corrects the 
        underlying problem." [1]


REFERENCES

        [1] Oracle Critical Patch Update Advisory - July 2017
            http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

        [2] Text Form of Oracle Critical Patch Update - July 2017 Risk Matrices
            http://www.oracle.com/technetwork/security-advisory/cpujul2017verbose-3236625.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----