CVE-2026-46921: Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager)
Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Cloud Applications. Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Metrics
- CVSS v3.1: 8.8
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
This is a high-severity vulnerability in the Siebel Cloud Manager component of Oracle Siebel CRM Cloud Applications, affecting versions 17.0 through 26.5. An attacker with a low-privilege account and HTTP network access can exploit this vulnerability without any victim interaction. Successful exploitation results in full takeover of the affected Siebel CRM Cloud Applications instance, including complete loss of confidentiality, integrity, and availability. No fix versions have been published yet; HarborGuard is tracking the advisory and will surface a patched-image rebuild the moment Oracle ships a fix.
HarborGuard Coverage
Detection for CVE-2026-46921 is available across every HarborGuard environment, with the CVE matched against images in customer registries and CI/CD pipelines within minutes of upstream feed publication. This matching covers custom-built images that bundle or derive from affected Siebel CRM Cloud Applications versions, not just unmodified base images. (Status: Available)
HarborGuard scores this CVE at its published CVSS 3.1 base score of 8.8 (HIGH) and applies each customer organization's own compliance-policy weights to prioritize it appropriately. Triage routing delivers findings to the correct team inbox within each customer org based on configured ownership rules. (Status: Available)
Because no fix version has been published by Oracle, HarborGuard re-checks the upstream advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment a fix is released. In the interim, customers with auto-remediation enabled can review compensating controls surfaced in the finding detail, such as network-policy isolation that restricts HTTP access to the Siebel Cloud Manager component to trusted principals only. (Status: Pending upstream)
Exploit Conditions
- Network reachability: Required
  The attacker must reach the Siebel Cloud Manager component over the network via HTTP, meaning the service must be exposed to an accessible network segment.
- Authentication: Required
  Any low-privilege account is sufficient; the attacker does not need administrator or elevated permissions to trigger the vulnerability.
- Victim interaction: Not required
  No user interaction is required; the attacker can exploit the vulnerability entirely without involving another party.
- Attack complexity: Low
  Attack complexity is low, meaning the exploit is reliable and requires no special conditions, race timing, or environment-specific configuration to succeed.
Blast Radius
- A successful attacker reads all data accessible to the Siebel CRM Cloud Applications instance, including customer records, stored credentials, and session tokens.
- A successful attacker modifies or deletes persisted application data and configuration, corrupting business records and application state.
- A successful attacker crashes or fully disrupts the Siebel CRM Cloud Applications service, making it unavailable to legitimate users.
- Combined impact across all three dimensions amounts to full application takeover, allowing the attacker to operate the system as an administrator.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-46921 activates immediately as the CVE is ingested from the Oracle advisory feed, matching against all customer images that include affected Siebel CRM Cloud Applications versions (17.0 through 26.5). Because Oracle has not yet published a fix, no patched-image rebuild is available at this time. HarborGuard re-checks the advisory on every ingest cycle and will generate a patched-image rebuild automatically once Oracle releases a corrected version; for customers with auto-remediation enabled, that rebuild will be followed by a regression-test run and a PR opened against affected workloads. While no patch exists, the finding detail surfaces compensating-control guidance: restricting HTTP access to the Siebel Cloud Manager component via Kubernetes network policy or equivalent firewall rules to trusted, authenticated network segments reduces the exploitable surface materially, since this vulnerability requires network reachability over HTTP.
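One concrete form of the compensating control described above, written here as an added example rather than HarborGuard's or Oracle's own configuration: a Kubernetes NetworkPolicy that makes the Siebel Cloud Manager pods reachable over HTTP only from a trusted namespace and a trusted admin CIDR. The namespace, pod and namespace labels, port number and CIDR are assumptions and must be replaced with the values of the actual deployment.

```yaml
# Added example, not the project's own manifest. Selecting the pods with an
# Ingress policy means all ingress not listed below is denied to them; egress
# is left unchanged because policyTypes names only Ingress.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: siebel-cloud-manager-restrict-http
  namespace: siebel                 # assumed namespace of the Cloud Manager pods
spec:
  podSelector:
    matchLabels:
      app: siebel-cloud-manager     # assumed pod label
  policyTypes:
    - Ingress
  ingress:
    # Rule 1: HTTP only from pods in namespaces labelled as trusted admin tooling.
    - from:
        - namespaceSelector:
            matchLabels:
              siebel-access: trusted   # assumed namespace label
      ports:
        - protocol: TCP
          port: 8080                   # assumed Cloud Manager HTTP port; adjust
    # Rule 2: the same port from an operator network outside the cluster.
    - from:
        - ipBlock:
            cidr: 10.20.30.0/24        # constructed placeholder for a trusted admin range
      ports:
        - protocol: TCP
          port: 8080
```

This narrows who can reach the component, which is the precondition the advisory lists, but a low-privilege account inside the trusted sources can still trigger the flaw, so account review and monitoring of Cloud Manager HTTP access remain necessary until Oracle's fix ships.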
- Oracle Corporation / Siebel CRM Cloud Applications: ≤ 26.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H