CVE-2018-2789

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM version 17.0

Description The issue affects the Siebel Core - Server Framework component, allowing a low-privileged attacker with network access via HTTP to compromise the framework. This can result in unauthorized read access to a subset of accessible data within the Siebel Core - Server Framework. The impact of successful attacks may extend beyond the Siebel Core - Server Framework, affecting additional products.

Recommendations For Oracle Siebel CRM version 17.0, update to a version that includes the fix for this issue to prevent unauthorized read access. As a temporary workaround, consider restricting access to the Siebel Core - Server Framework component to minimize the risk of exploitation.