PT-2022-14980 · Oracle · Oracle Siebel Crm Siebel Core
4Ra1N
·
Published
2022-10-18
·
Updated
2022-10-20
·
CVE-2022-21598
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Siebel CRM Siebel Core - DB Deployment and Configuration versions prior to 22.8
Description
The issue allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all accessible data.
Recommendations
For versions prior to 22.8, update to a version newer than 22.8 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle Siebel Crm Siebel Core