CVE-2014-2485

CWE-862 — Missing Authorization5 documents5 sources

Severity

1.4LOW

EPSS

0.2%

top 60.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Siebel CRM

Timeline

PublishedJul 17

Latest updateMay 24

Description

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality via unknown vectors related to Integration Business Services.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 2.5 | Impact: 2.9

Affected Packages1 packages

▶NVDoracle/siebel_crm8.1.1, 8.2.2+1

🔴Vulnerability Details

GHSA

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins↗2022-05-24

▶

GHSA

GHSA-cfcf-26xg-6rpv: Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8↗2022-05-14

▶

CVEList

CVE-2014-2485: Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8↗2014-07-17

▶