Vulnerability in Oracle Siebel CRM’s UI Framework Component
CVE-2017-3330

7.6HIGH

Key Information:

Vendor
Oracle
Status
Siebel Ui Framework
Vendor
CVE Published:
27 January 2017

Summary

A vulnerability affecting the Siebel UI Framework in Oracle Siebel CRM allows low-privileged attackers with network access to exploit the component through HTTP requests. This exploitation can lead to unauthorized access and manipulation of sensitive data. While attacks necessitate human interaction for successful exploitation, the implications can extend beyond the Siebel UI Framework to impact additional Oracle products. The vulnerability enables potential attackers to gain access, as well as update, insert, or delete data accessible through the framework.

Affected Version(s)

Siebel UI Framework 16.1

References

http://www.securitytracker.com/id/1037635
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/95499
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.