Executive Summary

This vulnerability is a Missing Authorization issue in the VikBooking Hotel Booking Engine & PMS software. It affects versions up to and including 1.8.2. Missing Authorization means that the software does not properly verify whether a user has permission to perform certain actions, potentially allowing unauthorized users to access or modify data or functionality.

Useful 0 Not Useful 0

Impact Analysis

The impact of this vulnerability could include unauthorized access to sensitive booking or hotel management data, unauthorized modifications to bookings or system settings, and potential disruption of hotel operations. This could lead to data breaches, loss of customer trust, and operational issues.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability could negatively affect compliance with standards like GDPR or HIPAA because unauthorized access to personal or sensitive data may occur due to missing authorization controls. Such breaches can lead to violations of data protection regulations and result in legal and financial penalties.

Useful 0 Not Useful 0