CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50355 – HCL Sametime is impacted by generation of error messages containing sensitive information
https://notcve.org/view.php?id=CVE-2023-50355
HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115627 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30124 – HCL Sametime is impacted by insecure services
https://notcve.org/view.php?id=CVE-2024-30124
HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115627 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30122 – HCL Sametime is impacted by misconfigured security related HTTP headers
https://notcve.org/view.php?id=CVE-2024-30122
HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115627 •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30132 – Missing default HTTP security headers affect HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-30132
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0116298 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23586 – An insufficient session timeout vulnerability affects HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-23586
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115264 • CWE-613: Insufficient Session Expiration •