Unspecified Vulnerability in Oracle Siebel CRM’s UI Framework Component
CVE-2016-0673

5.4MEDIUM

Key Information:

Vendor: Oracle
Status: Siebel Ui Framework
Vendor: CVE Published:; 21 April 2016

What is CVE-2016-0673?

An unspecified vulnerability exists in the UI Framework component of Oracle Siebel CRM versions 8.1.1 and 8.2.2. This flaw allows remote authenticated users to compromise the confidentiality and integrity of sensitive data through specific vectors related to the UIF Open UI. The potential exploitation of this vulnerability could lead to unauthorized actions affecting user data and application integrity.

References

http://www.securitytracker.com/id/1035598

vdb-entryx_refsource_SECTRACK

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2016
Vulnerability Reserved
Dec 9, 2015