PT-2025-29608 · Oracle · Oracle Siebel Crm
Javad Karimi
·
Published
2025-07-15
·
Updated
2025-07-29
·
CVE-2025-30758
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Siebel CRM versions 25.0 through 25.5
Description
An easily exploitable issue exists in the User Interface component of Oracle Siebel CRM, allowing an unauthenticated attacker with network access via HTTP to gain unauthorized read access to a subset of Siebel CRM End User data.
Recommendations
Update Oracle Siebel CRM versions prior to 25.6.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle Siebel Crm