Skip to main content

Oracle Siebel CRM CVE-2026-46926

| EUVDEUVD-2026-37242 HIGH
Improper Access Control (CWE-284)
2026-06-16 oracle
8.8
CVSS 3.1 · Vendor: oracle
Share

Severity by source

Vendor (oracle) PRIMARY
8.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Description explicitly requires local logon (AV:L) with an existing low-privileged account (PR:L), exploitation is easy (AC:L), no user interaction, and full takeover with scope change drives S:C and C/I/A:H.

3.1 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (oracle).

CVSS VectorVendor: oracle

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 16, 2026 - 22:07 vuln.today

DescriptionCVE.org

Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications. While the vulnerability is in Siebel CRM Cloud Applications, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

AnalysisAI

Privilege escalation and full takeover of Oracle Siebel CRM Cloud Applications (versions 17.0 through 26.5) is possible for a low-privileged attacker with logon access to the host infrastructure, via the Siebel Cloud Manager component. Successful exploitation produces a scope change that significantly impacts adjacent products beyond Siebel itself, with full confidentiality, integrity, and availability impact. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-priv logon to Siebel host
Delivery
Locate Siebel Cloud Manager interface
Exploit
Invoke vulnerable management operation
Execution
Escalate within Siebel CRM Cloud Applications
Persist
Cross scope boundary into adjacent products
Impact
Full takeover with C/I/A impact

Vulnerability AssessmentAI

Exploitation Attacker must already have an authenticated low-privilege logon (PR:L) on the infrastructure host where Siebel CRM Cloud Applications and the Siebel Cloud Manager component execute - i.e., shell or equivalent application-tier access on the Siebel server itself, not network access from outside. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 8.8 is driven largely by the scope change and triple-high CIA impact rather than by remote reachability: the AV:L vector confirms the attacker must already be logged on to the Siebel CRM Cloud Applications infrastructure, and PR:L means they need an existing low-privilege account on that host. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A help-desk, batch-processing, or third-party integration account with only low Siebel/OS privileges on a Siebel application server abuses the Siebel Cloud Manager component to escalate, taking over the Siebel CRM Cloud Applications instance and pivoting across the scope-changed trust boundary into adjacent Oracle-managed products. Because AC:L and UI:N apply, no user interaction or special timing is needed once the attacker is on the host. …
Remediation Apply the fixes from Oracle's June 2026 Critical Patch Update for Siebel CRM Cloud Applications (Patch available per vendor advisory at https://www.oracle.com/security-alerts/cspujun2026.html); Oracle's CPU is the authoritative source for the exact patched build numbers per Siebel release, which should be matched to your deployed version in the 17.0-26.5 range. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Siebel CRM Cloud Application instances running versions 17.0-26.5 and restrict host logon access to essential administrators only. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-46926 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy