VDB

GCVE-110-NCSC-2024-305

GCVE-110-NCSC-2024-305
Advisory PublishedCVSS 7.5/10
Vulnetix · Advisory published July 17, 2024
Er zijn kwetsbaarheden verholpen in Oracle Siebel CRM.

Weaknesses (CWE)

CWE-770Allocation of Resources Without Limits or ThrottlingCWE-192Integer Coercion ErrorCWE-787Out-of-bounds WriteCWE-404Improper Resource Shutdown or ReleaseCWE-754Improper Check for Unusual or Exceptional ConditionsCWE-1336Improper Neutralization of Special Elements Used in a Template EngineCWE-295Improper Certificate ValidationCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-158Improper Neutralization of Null Byte or NUL CharacterCWE-444Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Risk Scores

CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersionsPlatforms
oraclesiebel_crm_end_user
oraclesiebel_crm
oraclesiebel_crm_deployment
oraclesiebel_crm_integration
oraclesiebel_crm_cloud_applications

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›