Vulnerability in Siebel UI Framework of Oracle Siebel CRM
CVE-2017-3264

3.1LOW

Key Information:

Vendor

Oracle
Status
Siebel Ui Framework
Vendor
CVE Published:
27 January 2017

What is CVE-2017-3264?

The vulnerability in the Siebel UI Framework component of Oracle Siebel CRM affects version 16.1, enabling a low privileged attacker with network access via HTTP to potentially compromise the framework. This vulnerability allows unauthorized content manipulation, providing attackers with the ability to update, insert, or delete data within the Siebel UI Framework. The flaw poses a significant risk as it can lead to integrity breaches of accessible data.

Affected Version(s)

Siebel UI Framework 16.1

References

http://www.securitytracker.com/id/1037635
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/95508
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.