Siebel CRM Cloud Apps v17.0-26.5 Siebel Cloud Manager Physical Layer Attacks
CVE-2026-46925 Published on June 16, 2026

Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Siebel CRM Cloud Applications executes to compromise Siebel CRM Cloud Applications. While the vulnerability is in Siebel CRM Cloud Applications, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:
ADJACENT_NETWORK
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2026-46925 has been classified to as an Authorization vulnerability or weakness.


Products Associated with CVE-2026-46925

Want to know whenever a new CVE is published for Oracle Siebel Crm Cloud Applications? stack.watch will email you.

 

Affected Versions

Oracle Corporation Siebel CRM Cloud Applications:

Exploit Probability

EPSS
0.27%
Percentile
17.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.