Outlook Client Vulnerability in Oracle's Siebel CRM Affects Data Security
CVE-2018-2574

8.1HIGH

Key Information:

Vendor: Oracle
Status: Siebel Crm Desktop
Vendor: CVE Published:; 18 January 2018

What is CVE-2018-2574?

The vulnerability in Oracle's Siebel CRM Desktop's Outlook Client component allows low privileged attackers with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized actions such as creating, deleting, or altering critical data stored within the Siebel CRM. This risk results in potential exposure of sensitive information, making it essential for organizations using affected versions (16.0 and 17.0) to apply security patches promptly to mitigate these threats.

Affected Version(s)

Siebel CRM Desktop 16.0

Siebel CRM Desktop 17.0

References

http://www.oracle.com/technetwork/security-advisory/cpuja...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/102623

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2018
Vulnerability Reserved
Dec 15, 2017