CVE-2017-10162

3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.3%

top 51.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Siebel Core - Server Framework Oracle Siebel Core-server Framework

Timeline

PublishedOct 19

Latest updateMay 13

Description

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel Core - Server Framework accessible data as well as unauthorized read access to…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶NVDoracle/siebel_core-server_framework16.0, 17.0+1

▶CVEListV5oracle_corporation/siebel_core_-_server_framework16.0, 17.0+1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-px83-vm7h-24c2: Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services)↗2022-05-13

▶

CVEList

CVE-2017-10162: Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services)↗2017-10-19

▶