CVE-2018-2789

3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.3%

top 46.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Siebel Core - Server Framework Oracle Siebel Core-server Framework

Timeline

PublishedApr 19

Latest updateMay 13

Description

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). The supported version that is affected is 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. While the vulnerability is in Siebel Core - Server Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a sub…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages2 packages

▶NVDoracle/siebel_core-server_framework17.0

▶CVEListV5oracle_corporation/siebel_core_-_server_framework17.0

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-wjrm-gvgx-jgvr: Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services)↗2022-05-13

▶

CVEList

CVE-2018-2789: Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services)↗2018-04-19

▶