Oracle · Oracle Siebel Crm Siebel Ui Framework · CVE-2020-2738
**Name of the Vulnerable Software and Affected Versions**
Oracle Siebel CRM Siebel UI Framework versions 20.2 and prior
**Description**
The issue is related to inadequate access control in the EAI and SWSE components of the Oracle Siebel UI Framework, allowing a low-privileged attacker with network access via HTTP to compromise the framework. This can result in unauthorized read access to a subset of accessible data within the Siebel UI Framework.
**Recommendations**
For versions 20.2 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.