cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-21909,https://securityvulnerability.io/vulnerability/CVE-2023-21909,Exploitable Vulnerability in Siebel CRM UI Framework by Oracle,"A vulnerability exists in the UI Framework of Oracle's Siebel CRM product, affecting versions 23.3 and earlier. This flaw can be easily exploited by low-privileged attackers with network access via HTTP. Successful exploitation may allow attackers to gain unauthorized access to sensitive data, potentially compromising critical information stored within the Siebel CRM system. It is essential for users to implement security measures to mitigate the risks associated with this vulnerability.",Oracle,Siebel Ui Framework,6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2020-14531,https://securityvulnerability.io/vulnerability/CVE-2020-14531,Unauthorized Access Vulnerability in Oracle Siebel CRM SWSE Server,"This vulnerability in the Oracle Siebel CRM's SWSE Server component enables an unauthenticated attacker with HTTP network access to potentially compromise the Siebel UI Framework. Exploiting this vulnerability requires user interaction from someone other than the attacker, making it particularly difficult to orchestrate. If successfully exploited, the attacker may gain unauthorized access to sensitive data and possess the ability to perform updates, additions, or deletions to available data within the Siebel UI Framework, thereby compromising the confidentiality and integrity of the system.",Oracle,Siebel Ui Framework,5.9,MEDIUM,0.0018100000452250242,false,,false,false,false,,,false,false,,2020-07-15T17:34:25.000Z,0
CVE-2020-2738,https://securityvulnerability.io/vulnerability/CVE-2020-2738,Unauthorized Access through Vulnerability in Oracle Siebel CRM's UI Framework,"A vulnerability exists in the Siebel UI Framework of Oracle Siebel CRM, specifically in the EAI and SWSE components. This security flaw allows low-privileged attackers with network access via HTTP to potentially compromise the UI framework. Successful exploitation enables unauthorized read access to sensitive data exposed through the Siebel UI Framework. The affected versions include 20.2 and earlier, making it imperative for organizations using these versions to apply the necessary security patches to safeguard against potential data breaches.",Oracle,Siebel Ui Framework,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:44.000Z,0
CVE-2020-2564,https://securityvulnerability.io/vulnerability/CVE-2020-2564,Unauthorized Access Vulnerability in Oracle Siebel CRM's EAI Component,"An easily exploitable vulnerability exists within the EAI component of Oracle Siebel CRM, impacting versions 19.10 and previous. This flaw allows unauthenticated attackers with network access via HTTP to gain unauthorized read access to certain data within the Siebel UI Framework. Organizations using affected versions may be at risk of data exposure, highlighting the need for timely updates and security measures to mitigate potential breaches.",Oracle,Siebel Ui Framework,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:01.000Z,0
CVE-2020-2560,https://securityvulnerability.io/vulnerability/CVE-2020-2560,Unauthorized Data Access in Oracle Siebel CRM UI Framework,"A vulnerability exists in the Siebel UI Framework component of Oracle Siebel CRM, specifically in the SWSE Server. This flaw allows an unauthenticated attacker with network access via HTTP to exploit the framework. Successful exploitation of this vulnerability necessitates human interaction from a user other than the attacker. While the primary impact is on the Siebel UI Framework, it may also affect additional products associated with it. When successfully manipulated, this vulnerability could lead to unauthorized read access to certain data elements available within the Siebel UI Framework.",Oracle,Siebel Ui Framework,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:00.000Z,0
CVE-2020-2559,https://securityvulnerability.io/vulnerability/CVE-2020-2559,Unauthenticated Access Vulnerability in Oracle Siebel UI Framework,"A vulnerability exists within the Oracle Siebel UI Framework that allows an unauthenticated attacker with network access via HTTP to exploit the system. This may lead to unauthorized read access to certain data within the UI Framework, potentially compromising sensitive information. Affected versions are 19.7 and earlier, making it imperative for users to implement necessary security measures to safeguard their systems.",Oracle,Siebel Ui Framework,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:00.000Z,0
CVE-2019-2935,https://securityvulnerability.io/vulnerability/CVE-2019-2935,Unauthorized Access Vulnerability in Oracle Siebel CRM's User Interface Framework,"A vulnerability exists in the Siebel UI Framework of Oracle Siebel CRM that allows unauthorized access to sensitive data. This issue affects supported versions 19.8 and prior. An unauthenticated attacker can exploit this vulnerability over HTTP, potentially leading to unauthorized read access to a subset of data within the Siebel UI Framework. This elevation of access without requiring authorization represents a serious concern for data confidentiality and system integrity.",Oracle,Siebel Ui Framework,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2857,https://securityvulnerability.io/vulnerability/CVE-2019-2857,Exploitable Vulnerability in Oracle Siebel CRM's UI Framework,"This vulnerability in the Siebel UI Framework component of Oracle Siebel CRM allows a low-privileged attacker with network access via HTTP to compromise the framework. While the attack requires human interaction, it can lead to unauthorized changes and access to data. Affected users may face significant risks to data confidentiality and integrity as attackers can execute unauthorized updates, insertions, and deletions of accessible data. The exploitation of this issue could potentially impact a broader set of connected products.",Oracle,Siebel Ui Framework,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-3059,https://securityvulnerability.io/vulnerability/CVE-2018-3059,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 18.7, 18.8 and 18.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Siebel Ui Framework,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2018-2959,https://securityvulnerability.io/vulnerability/CVE-2018-2959,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). The supported version that is affected is 18.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).",Oracle,Siebel Ui Framework,4.3,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2017-10315,https://securityvulnerability.io/vulnerability/CVE-2017-10315,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Siebel Ui Framework,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10263,https://securityvulnerability.io/vulnerability/CVE-2017-10263,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel UI Framework accessible data as well as unauthorized update, insert or delete access to some of Siebel UI Framework accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Siebel Ui Framework,8.2,HIGH,0.001120000029914081,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10333,https://securityvulnerability.io/vulnerability/CVE-2017-10333,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. While the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Siebel UI Framework. CVSS 3.0 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).",Oracle,Siebel Ui Framework,7.4,HIGH,0.0006600000197067857,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10302,https://securityvulnerability.io/vulnerability/CVE-2017-10302,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Siebel Ui Framework,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10264,https://securityvulnerability.io/vulnerability/CVE-2017-10264,,Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Siebel UI Framework. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).,Oracle,Siebel Ui Framework,5.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-3264,https://securityvulnerability.io/vulnerability/CVE-2017-3264,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). The supported version that is affected is 16.1. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data. CVSS v3.0 Base Score 3.1 (Integrity impacts).",Oracle,Siebel Ui Framework,3.1,LOW,0.0008299999753944576,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3325,https://securityvulnerability.io/vulnerability/CVE-2017-3325,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI). The supported version that is affected is 16.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel UI Framework accessible data as well as unauthorized update, insert or delete access to some of Siebel UI Framework accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Siebel Ui Framework,8.2,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3330,https://securityvulnerability.io/vulnerability/CVE-2017-3330,,"Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). The supported version that is affected is 16.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel UI Framework accessible data as well as unauthorized update, insert or delete access to some of Siebel UI Framework accessible data. CVSS v3.0 Base Score 7.6 (Confidentiality and Integrity impacts).",Oracle,Siebel Ui Framework,7.6,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2016-5464,https://securityvulnerability.io/vulnerability/CVE-2016-5464,,"Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5463.",Oracle,Siebel Ui Framework,4.1,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5450,https://securityvulnerability.io/vulnerability/CVE-2016-5450,,"Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI.",Oracle,Siebel Ui Framework,4.7,MEDIUM,0.0017000000225380063,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5468,https://securityvulnerability.io/vulnerability/CVE-2016-5468,,"Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5451.",Oracle,Siebel Ui Framework,5.4,MEDIUM,0.0013599999947473407,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5463,https://securityvulnerability.io/vulnerability/CVE-2016-5463,,"Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5464.",Oracle,Siebel Ui Framework,4.1,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-5451,https://securityvulnerability.io/vulnerability/CVE-2016-5451,,"Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468.",Oracle,Siebel Ui Framework,8.1,HIGH,0.001449999981559813,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-0673,https://securityvulnerability.io/vulnerability/CVE-2016-0673,,Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF Open UI.,Oracle,Siebel Ui Framework,5.4,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0