CVE Catalog

CVE-2026-46925

HighCVSS 8.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile — higher than 18% of all known CVEs

Summary

Vulnerability in the Siebel CRM Cloud Applications product of Oracle (component: Siebel Cloud Manager) affects versions 17.0-26.5. It allows an unauthenticated attacker with access to the physical communication segment to compromise the Siebel CRM Cloud Applications.

Risk Assessment

Attacks may significantly impact additional products, and successful exploitation can lead to takeover of the Siebel CRM Cloud Applications. The high CVSS score of 8.3 indicates serious threats to confidentiality, integrity, and availability.

Recommendation

It is recommended to update to the latest version of Siebel CRM Cloud Applications and restrict access to physical communication segments to minimize the risk of attack.

Original NVD description (English source)

Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications. While the vulnerability is in Siebel CRM Cloud Applications, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS