CVE-2026-46885: Vulnerability in the Siebel CRM Integration product of Oracle Siebel CRM (component: EAI)
Vulnerability in the Siebel CRM Integration product of Oracle Siebel CRM (component: EAI). Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Integration. Successful attacks of this vulnerability can result in takeover of Siebel CRM Integration. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Metrics
- CVSS v3.1: 8.8
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
An unspecified vulnerability in the EAI (Enterprise Application Integration) component of Oracle Siebel CRM Integration allows a network-accessible attacker with a low-privilege account to fully compromise the affected system. The attack is carried out over HTTP and requires no victim interaction, making it straightforward to execute against any exposed instance running versions 17.0 through 26.5. Successful exploitation results in complete takeover of the Siebel CRM Integration environment, affecting confidentiality, integrity, and availability. No fix version has been published by Oracle; HarborGuard is tracking the advisory and will make a patched-image rebuild available as soon as upstream publishes a fix.
HarborGuard Coverage
- Detection (Available): Detection capability is available across all HarborGuard environments: the CVE is ingested from upstream feeds within minutes of publication and matched against container images in customer registries and CI/CD pipelines, including custom-built images derived from affected Oracle Siebel CRM base layers. Any image carrying a version of Siebel CRM Integration between 17.0 and 26.5 is flagged automatically.
- Triage (Available): HarborGuard scores this CVE at 8.8 HIGH using the published CVSS v3.1 vector and weights it against each customer environment's compliance policy to determine urgency and routing. Triage findings are delivered to the appropriate team inbox within each customer organization based on configured policy rules.
- Remediation (Pending upstream): Because no fix version has been published by Oracle, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. In the interim, customers can apply compensating controls through HarborGuard's network-policy isolation recommendations to restrict HTTP access to the EAI component.
Exploit Conditions
- Network reachability: Required. The attacker must reach the Siebel CRM Integration service over the network via HTTP; any internet- or intranet-exposed instance is within scope.
- Authentication: Required. A low-privilege account is sufficient; no administrative or elevated credentials are needed, but the attacker must hold some valid credential on the target system.
- Victim interaction: Not required. The attack completes without any action from a logged-in user or administrator.
- Attack complexity: Low. The exploit is reliable and imposes no special environmental conditions, race conditions, or configuration prerequisites.
Blast Radius
- A successful attacker reads all data accessible to the EAI component, including CRM records, integration credentials, and session tokens.
- The attacker modifies or deletes persisted data in the Siebel CRM Integration layer, including integration configurations and business object records.
- The attacker crashes or renders the Siebel CRM Integration service unavailable, disrupting connected enterprise application workflows.
- Full takeover of the integration layer gives the attacker a pivot point into backend systems and external endpoints connected via EAI.
How HarborGuard Handles This
Available on HarborGuard: continuous monitoring of this CVE is active across customer environments, with the advisory re-evaluated on every ingest cycle. Because Oracle has not yet published a fix for versions 17.0 through 26.5, no patched-image rebuild is available at this time. For customers who opt into compensating-control recommendations, HarborGuard can surface network-policy isolation rules that restrict inbound HTTP access to the EAI component, limit the blast radius of exploitation, and reduce exposure while a patch is pending. Where compliance policy permits, auto-remediation will trigger a rebuild, regression-test run, and a PR opened against affected workloads immediately upon upstream fix publication, with a median time from CVE publication to merged patch PR of around 90 minutes for high-severity issues in environments with auto-remediation enabled. Customers are advised to treat any container image carrying Siebel CRM Integration 17.0 through 26.5 as high-risk until Oracle ships a patch.
Affected Products
- Oracle Corporation / Siebel CRM Integration, versions ≤ 26.5 (17.0 through 26.5 per the advisory); CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H