PT-2026-3676 · Oracle · Oracle Siebel Crm
Published
2026-01-20
·
Updated
2026-01-21
·
CVE-2026-21926
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Oracle Siebel CRM versions 17.0 through 25.2
Description
An easily exploitable issue exists in the Server Infrastructure component of Oracle Siebel CRM. An unauthenticated attacker with network access via TLS can compromise Siebel CRM Deployment, potentially causing a denial-of-service condition through a hang or frequent crashes.
Recommendations
Versions prior to 17.0 should be used.
Versions 17.0 through 25.2 should be updated.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oracle Siebel Crm