{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-46888: Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (component: Database Upgrade)","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-46888","status":"final","version":"1","initial_release_date":"2026-06-16T19:27:43.420Z","current_release_date":"2026-06-16T19:27:43.420Z","revision_history":[{"date":"2026-06-16T19:27:43.420Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (component: Database Upgrade).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Siebel CRM Deployment executes to compromise Siebel CRM Deployment.  Successful attacks of this vulnerability can result in takeover of Siebel CRM Deployment. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-46888 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-46888"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-46888"},{"category":"external","summary":"Oracle Advisory","url":"https://www.oracle.com/security-alerts/cspujun2026.html"}]},"product_tree":{"branches":[{"category":"vendor","name":"Oracle Corporation","branches":[{"category":"product_name","name":"Siebel CRM Deployment","branches":[{"category":"product_version_range","name":">=17.0 <=26.5","product":{"name":"Oracle Corporation Siebel CRM Deployment >=17.0 <=26.5","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:oracle_corporation:siebel_crm_deployment:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-46888","title":"Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (component: Database Upgrade)","notes":[{"category":"description","text":"Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (component: Database Upgrade).  Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Siebel CRM Deployment executes to compromise Siebel CRM Deployment.  Successful attacks of this vulnerability can result in takeover of Siebel CRM Deployment. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"products":["CSAFPID-1"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1"]}]}]}