Unauthenticated Remote Code Execution Vulnerability in Siebel CRM Desktop Component of Oracle Siebel CRM

Unauthenticated Remote Code Execution Vulnerability in Siebel CRM Desktop Component of Oracle Siebel CRM

CVE-2017-10300 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM (subcomponent: Siebel Business Service Issues). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Desktop. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel CRM Desktop accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Learn more about our Cis Benchmark Audit For Desktop Software.