Published: 15/01/2020 Updated: 25/10/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: UIF Open UI). Supported versions that are affected are 19.7 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle siebel ui framework

Automation software slinger SaltStack warns of stop-watching-the-election-and-patch-now bugs

The Register • Simon Sharwood, APAC Editor • 04 Nov 2020

Fixes look to have landed in GitHub well ahead of disclosure

SaltStack has officially revealed three bugs in its code – two of them seemingly critical – and told users: “We strongly recommend that you prioritize this update.” But the biz appears to have known about the bugs for months and quietly patched them over the summer. SaltStack offers open-source, Python-based automation tools. It was acquired by VMware in October, and Virtzilla hailed the deal as completing and extending its automation offerings and to help it provide a full-stack offerin...

CVE-2020-2559

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect