cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-2368,https://securityvulnerability.io/vulnerability/CVE-2021-2368,Unauthenticated Access Vulnerability in Oracle Siebel CRM,"A vulnerability exists in the server infrastructure of Oracle's Siebel CRM that enables an unauthenticated attacker with network access via HTTPS to exploit the system. The flaw affects Siebel CRM versions 21.5 and earlier, potentially allowing unauthorized users to gain access to sensitive data or even full control over all data within the application. Attackers can exploit this vulnerability without prior authentication, posing a significant risk to organizations relying on Siebel CRM for data management. To ensure the security of critical information, immediate patches and updates are recommended.",Oracle,Siebel Core - Server Framework,5.9,MEDIUM,0.0019600000232458115,false,,false,false,false,,,false,false,,2021-07-20T22:43:45.000Z,0
CVE-2021-2353,https://securityvulnerability.io/vulnerability/CVE-2021-2353,Authorization Bypass in Oracle Siebel CRM Server Framework,"This vulnerability in Oracle Siebel CRM's Server Framework enables an attacker with high privileges, who is logged into the environment, to compromise the framework. Successful exploitation may lead to unauthorized access to sensitive data, potentially giving access to all data that the Server Framework can reach. Organizations utilizing affected versions of Oracle Siebel CRM should promptly apply available patches to secure their systems.",Oracle,Siebel Core - Server Framework,4.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-07-20T22:43:31.000Z,0
CVE-2021-2039,https://securityvulnerability.io/vulnerability/CVE-2021-2039,Unauthorized Data Access in Oracle Siebel CRM Search Component,"A vulnerability exists within the Search component of Oracle Siebel CRM's Server Framework that allows low-privileged attackers with network access via HTTP to exploit the system. Successful exploitation requires human interaction from a non-attacking user. The impact of this vulnerability can lead to unauthorized access to critical data within the Siebel Core - Server Framework. This not only compromises the integrity and confidentiality of the accessible data but also permits unauthorized updates, insertions, or deletions, potentially affecting additional interconnected products.",Oracle,Siebel Core - Server Framework,7.6,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2021-01-20T14:50:04.000Z,0
CVE-2021-2004,https://securityvulnerability.io/vulnerability/CVE-2021-2004,Vulnerability in Oracle Siebel CRM's Server BizLogic Script Component,"A vulnerability exists in the Server BizLogic Script component of Oracle Siebel CRM, which affects versions 20.12 and earlier. This flaw allows a low-privileged attacker to exploit the system remotely via HTTP, potentially leading to unauthorized read access to sensitive information contained within the Siebel Core. The vulnerability presents a significant risk by enabling attackers to access data that should otherwise be restricted, compromising the integrity and confidentiality of the system. Organizations utilizing impacted versions should evaluate their systems and apply relevant patches to mitigate the risk.",Oracle,Siebel Core - Server Framework,4.3,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2021-01-20T14:50:00.000Z,0
CVE-2019-2777,https://securityvulnerability.io/vulnerability/CVE-2019-2777,Unauthenticated Access Vulnerability in Oracle Siebel CRM's Search Functionality,"This vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM enables unauthenticated attackers with network access via HTTP to compromise the framework. Successful exploitation of this vulnerability requires human interaction from an individual other than the attacker. Despite its presence in the Server Framework, attacks can have a widespread impact, affecting other linked products. Exploitation may allow unauthorized access to sensitive data, enabling attackers to update, insert, or delete information accessible through the Server Framework, as well as to read unauthorized segments of data.",Oracle,Siebel Core - Server Framework,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2570,https://securityvulnerability.io/vulnerability/CVE-2019-2570,Server BizLogic Script Vulnerability in Oracle Siebel CRM,"A vulnerability exists in the Oracle Siebel CRM's Server BizLogic Script component, specifically within the Integration - Scripting subcomponent. This issue can be easily exploited by an authenticated attacker with network access via HTTP. Successful exploitation permits unauthorized manipulation of accessible data, including the ability to update, insert, or delete entries. Additionally, it may allow unauthorized read access to specific data and could result in a partial denial of service to the affected components.",Oracle,Siebel Core - Server Framework,4.7,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2019-04-23T18:16:39.000Z,0
CVE-2018-2789,https://securityvulnerability.io/vulnerability/CVE-2018-2789,,"Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). The supported version that is affected is 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. While the vulnerability is in Siebel Core - Server Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel Core - Server Framework accessible data. CVSS 3.0 Base Score 5.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).",Oracle,Siebel Core - Server Framework,5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2017-10162,https://securityvulnerability.io/vulnerability/CVE-2017-10162,,"Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel Core - Server Framework accessible data as well as unauthorized read access to a subset of Siebel Core - Server Framework accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Siebel Core - Server Framework,5.4,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10049,https://securityvulnerability.io/vulnerability/CVE-2017-10049,,"Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM (subcomponent: Search). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Core CRM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel Core CRM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel Core CRM accessible data as well as unauthorized read access to a subset of Siebel Core CRM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Siebel Core - Server Framework,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2016-3469,https://securityvulnerability.io/vulnerability/CVE-2016-3469,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.",Oracle,Siebel Core-server Framework,3.3,LOW,0.0006000000284984708,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5460,https://securityvulnerability.io/vulnerability/CVE-2016-5460,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors related to Services, a different vulnerability than CVE-2016-3450 and CVE-2016-5466.",Oracle,Siebel Core-server Framework,3.7,LOW,0.002469999948516488,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5466,https://securityvulnerability.io/vulnerability/CVE-2016-5466,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors related to Services, a different vulnerability than CVE-2016-3450 and CVE-2016-5460.",Oracle,Siebel Core-server Framework,3.7,LOW,0.002469999948516488,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5456,https://securityvulnerability.io/vulnerability/CVE-2016-5456,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Services.",Oracle,Siebel Core-server Framework,5.3,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5461,https://securityvulnerability.io/vulnerability/CVE-2016-5461,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Object Manager.",Oracle,Siebel Core-server Framework,6.5,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-3450,https://securityvulnerability.io/vulnerability/CVE-2016-3450,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors related to Services, a different vulnerability than CVE-2016-5460 and CVE-2016-5466.",Oracle,Siebel Core-server Framework,3.7,LOW,0.002469999948516488,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5462,https://securityvulnerability.io/vulnerability/CVE-2016-5462,,"Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via vectors related to Workspaces.",Oracle,Siebel Core-server Framework,2.7,LOW,0.0015899999998509884,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0