Vulnerability in Oracle Siebel CRM Open UI Framework
CVE-2017-10263

8.2HIGH

Key Information:

Vendor: Oracle
Status: Siebel Ui Framework
Vendor: CVE Published:; 19 October 2017

Summary

The vulnerability in the Siebel UI Framework component of Oracle Siebel CRM allows an unauthenticated attacker to exploit the system remotely by leveraging human interaction. This could lead to unauthorized access, enabling attackers to view, modify, or delete data that is accessible through the Siebel UI Framework. Given its potential for significant impact, this issue requires prompt attention to secure sensitive information from unauthorized modifications.

Affected Version(s)

Siebel UI Framework 16.0

Siebel UI Framework 17.0

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101421

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017