CVE-2016-5560
MEDIUMOracle Siebel CRM 16.1 - Authenticated Improper Access Control in OpenUI
Title source: llmDescription
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to OpenUI.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93760
Patch, Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Scores
CVSS v3
5.4
EPSS
0.0090
EPSS Percentile
55.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (1)
oracle/siebel_customer_order_management
16.1
Published
Oct 25, 2016
Tracked Since
Feb 18, 2026