Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
CVE-2025-30758: Oracle Siebel CRM User Interface Allows Unauthorized Data Access
CVE-2025-30758
Summary
A security flaw in Oracle Siebel CRM's user interface for versions 25.0 through 25.5 makes it possible for hackers with internet access to view sensitive data without needing a password. This could potentially expose confidential information. Upgrade to a fixed version to protect your data.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| oracle | siebel_crm_deployment |
>= 25.0, <= 25.5 cpe:2.3:a:oracle:siebel_crm_deployment:*:*:*:*:*:*:*:* |
Original title
Vulnerability in the Siebel CRM End User product of Oracle Siebel CRM (component: User Interface). Supported versions that are affected are 25.0-25.5. Easily exploitable vulnerability allows unaut...
Original description
Vulnerability in the Siebel CRM End User product of Oracle Siebel CRM (component: User Interface). Supported versions that are affected are 25.0-25.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM End User. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel CRM End User accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
nvd CVSS3.1
5.3
Vulnerability type
CWE-200
Information Exposure
- https://www.oracle.com/security-alerts/cpujul2025.html Patch Vendor Advisory
Published: 15 Jul 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026