CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27769 – HCL Sametime is vulnerable to an information disclosure
https://notcve.org/view.php?id=CVE-2021-27769
12 May 2022 — Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible. Un filtrado de información es producido cuando un sitio web revela información que podría ayudar a un atacante a seguir explotando el sistema. Esta información puede ser o no confidencial y n... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097430 • CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2012-3331
https://notcve.org/view.php?id=CVE-2012-3331
08 Feb 2018 — IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048. IBM Sametime permite que atacantes remotos obtengan información sensible de la base de datos de Sametime Log mediante una petición directa a STLOG.NSF. IBM X-Force ID: 78048. • http://www-01.ibm.com/support/docview.wss?uid=swg21613895 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2964
https://notcve.org/view.php?id=CVE-2016-2964
29 Aug 2017 — IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813. IBM Sametime 8.5.2 y 9.0, bajo ciertas condiciones, proporciona a un usuario un mensaje de error demasiado detallado y que podría revelar detalles sobre la aplicación. IBM X-Force ID: 113813. • http://www.ibm.com/support/docview.wss?uid=swg22006441 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2975
https://notcve.org/view.php?id=CVE-2016-2975
29 Aug 2017 — IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935. IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22006441 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2974
https://notcve.org/view.php?id=CVE-2016-2974
29 Aug 2017 — IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934. IBM Sametime Connect 8.5.2 y 9.0, después de desinstalar Sametime Rich Client, podría divulgar información potencialmente sensible sobre el entorno de Sametime, así como de otros usuarios que se encuentren en la misma máquina local del usuario. IBM X-Force ID: 1139... • http://www.ibm.com/support/docview.wss?uid=swg22006444 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2967
https://notcve.org/view.php?id=CVE-2016-2967
29 Aug 2017 — IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Sametime away message altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113848. IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en el mensaje de ausente de Sametime, alterando las funcionalidades plane... • http://www.ibm.com/support/docview.wss?uid=swg22006441 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0358
https://notcve.org/view.php?id=CVE-2016-0358
29 Aug 2017 — IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928. IBM Sametime 8.5.2 y 9.0 podría permitir que un usuario autenticado sin autorizar enumerase números de ID de grupos de chat y se uniese a reuniones a las que no ha sido invitado. IBM X-Force ID: 111928. • http://www.ibm.com/support/docview.wss?uid=swg22006441 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2980
https://notcve.org/view.php?id=CVE-2016-2980
29 Aug 2017 — The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Force ID: 113993. Sametime WebPlayer 8.5.2 y 9.0 es vulnerable a una inyección de script por la cual un sitio malicioso puede inyectar sus propios scripts mediante la explotación de una vulnerabilidad de la misma forma que funciona WebPlayer. IBM X-Force ID: 113993. • http://www.ibm.com/support/docview.wss?uid=swg22006447 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2976
https://notcve.org/view.php?id=CVE-2016-2976
29 Aug 2017 — IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936. IBM Sametime Meeting Server 8.5.2 y 9.0 podría permitir que un invitado a una reunión obtenga información sensible previamente limpiada viendo el historial de informes de reunión. IBM X-Force ID: 113936. • http://www.ibm.com/support/docview.wss?uid=swg22006441 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2978
https://notcve.org/view.php?id=CVE-2016-2978
29 Aug 2017 — IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938. IBM Sametime 8.5.2 y 9.0 podría almacenar de forma local información potencialmente sensible desde la caché del navegador y ponerla a disposición de un usuario local. IBM X-Force ID: 113938. • http://www.ibm.com/support/docview.wss?uid=swg22006441 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •