HarborGuard Database

CVE-2026-46920 | Severity: HIGH | CNA: oracle

CVE-2026-46920: Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager)

Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud Applications. Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Metrics

CVSS v3.1 base score: 8.1
Severity: HIGH
Fixed in: no fix version published
Affected products: 1


HarborGuard Analysis

Synopsis

An unauthenticated, network-exploitable vulnerability exists in the Siebel Cloud Manager component of Oracle Siebel CRM Cloud Applications, affecting supported versions 17.0 through 26.5. An attacker who can reach the Cloud Manager service over HTTP needs no credentials and no victim interaction, but the attack is rated High complexity (AC:H), so success depends on conditions the attacker does not fully control; the advisory does not describe what those conditions are. Successful exploitation yields takeover of the Siebel CRM Cloud Application, with High impact to confidentiality, integrity, and availability within the application's own security scope (S:U). Oracle has not published a fix version; HarborGuard tracks the advisory for patch availability.

HarborGuard Coverage

Detection: Available

Detection of CVE-2026-46920 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images, including internally built images that bundle Siebel Cloud Manager components. Any image carrying an affected version (17.0 through 26.5) is flagged automatically.

Triage: Available

Triage is available with a CVSS 3.1 score of 8.1 (HIGH), surfaced alongside each customer org's compliance policy weighting to prioritize findings appropriately. Alerts are routed to the team inboxes configured within each customer environment based on image ownership and policy rules.

Patch: Pending upstream

Because no upstream fix version has been published, HarborGuard re-checks the Oracle advisory on every ingest cycle and will make a patched-image rebuild available the moment Oracle ships a remediated release. In the interim, HarborGuard surfaces compensating-control recommendations, such as network-policy isolation and egress filtering, to reduce exposure for affected workloads.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the Siebel Cloud Manager service over the network via HTTP (AV:N); no pre-existing foothold on the host is needed.

  • Authentication: Not required

    No credentials of any privilege level are needed (PR:N); the attacker reaches the vulnerable endpoint as a completely unauthenticated party.

  • Victim interaction: Not required

    Exploitation is fully attacker-driven and requires no action from any user of the system (UI:N).

  • Attack complexity: High

    Exploitation is rated High complexity (AC:H). Under CVSS 3.1 that means success depends on conditions outside the attacker's control, for example a particular configuration, a race that must be won, or information the attacker has to gather first. Oracle's advisory does not state which condition applies here, so the High rating should not be read as a reason to deprioritize an endpoint that is reachable from untrusted networks.

Blast Radius

  • A successful attacker reads all data accessible to the Siebel CRM Cloud Application, including customer records, configuration secrets, and session material.
  • A successful attacker writes or modifies persisted CRM data, application configuration, and any other resources the application can reach.
  • A successful attacker crashes or degrades the Siebel CRM Cloud Application, causing a denial of service for all users of the instance.
  • Full application takeover gives the attacker a persistent foothold from which to pivot to connected systems or exfiltrate data over time.
  • Scope is Unchanged (S:U): the scored impact is confined to the Siebel application's own security authority. Reaching connected systems from that foothold is a further step the attacker must take, not part of the 8.1 score, which is why egress filtering is a useful compensating control.

How HarborGuard Handles This

Available on HarborGuard: because Oracle has not yet published a fix for CVE-2026-46920, the platform monitors the Oracle advisory on every ingest cycle and will automatically trigger a patched-image rebuild the moment an upstream fix is released. For customers with auto-remediation enabled, that rebuild is followed by a regression-test run and a PR opened against affected workloads without manual intervention.

While no patch is available, HarborGuard surfaces compensating-control guidance for affected images:

  • restricting inbound network policy so that only the intended clients can reach the Siebel Cloud Manager HTTP endpoint;
  • applying egress filtering to reduce post-compromise pivot opportunity;
  • flagging the affected workloads for manual review in environments where compliance policy requires sign-off before isolation steps are applied.

The advisory status is re-evaluated on every ingest cycle, so customers see the finding updated as Oracle publishes new information.
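The two compensating controls named above (inbound restriction to the Cloud Manager HTTP endpoint, and egress filtering) written out as a Kubernetes NetworkPolicy. This is an added example, not HarborGuard's generated guidance or Oracle's configuration; the namespace, pod labels, listening port and peer workloads are assumptions for a typical containerised deployment and must be matched to the real one before applying.

```yaml
# Added example, not HarborGuard's or Oracle's configuration.
# Confines the Siebel Cloud Manager pods: inbound HTTP only from the
# ingress controller and an admin jump pod, outbound only to DNS and
# the CRM database. All selector values and ports below are assumptions.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: siebel-cloud-manager-isolate
  namespace: siebel                     # assumed namespace
spec:
  podSelector:
    matchLabels:
      app: siebel-cloud-manager         # assumed label on the Cloud Manager pods
  policyTypes:
    - Ingress
    - Egress
  ingress:
    # Two peers, OR-ed: the ingress controller namespace, or an admin jump
    # pod in this namespace. Everything else is denied once policyTypes
    # includes Ingress.
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: ingress-nginx   # assumed
        - podSelector:
            matchLabels:
              role: siebel-admin-jump                      # assumed
      ports:
        - protocol: TCP
          port: 443                     # assumed Cloud Manager listening port
  egress:
    # Cluster DNS only (namespaceSelector AND podSelector in one element).
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
    # The CRM database, and nothing else: a compromised Cloud Manager cannot
    # open outbound connections to arbitrary internal or external hosts.
    - to:
        - podSelector:
            matchLabels:
              app: siebel-db            # assumed database pod label
      ports:
        - protocol: TCP
          port: 1521                    # assumed Oracle listener port
```

Two checks before relying on this: NetworkPolicy objects are only enforced by a CNI plugin that implements them (for example Calico or Cilium); on a cluster whose CNI does not, the object is accepted and silently does nothing, so verify with a connection attempt from a pod that should be blocked. Also keep the policy narrow on purpose: it lowers the AV:N exposure and the pivot surface described in the blast radius, but it does not remove the vulnerability, and the affected image still needs the upstream fix once Oracle ships it.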

Affected packages
  • Oracle Corporation / Siebel CRM Cloud Applications: 17.0 through 26.5 (tracked as ≤ 26.5)
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H