CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2976
https://notcve.org/view.php?id=CVE-2016-2976
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936. IBM Sametime Meeting Server 8.5.2 y 9.0 podría permitir que un invitado a una reunión obtenga información sensible previamente limpiada viendo el historial de informes de reunión. IBM X-Force ID: 113936. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113936 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0358
https://notcve.org/view.php?id=CVE-2016-0358
IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928. IBM Sametime 8.5.2 y 9.0 podría permitir que un usuario autenticado sin autorizar enumerase números de ID de grupos de chat y se uniese a reuniones a las que no ha sido invitado. IBM X-Force ID: 111928. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/111928 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2964
https://notcve.org/view.php?id=CVE-2016-2964
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813. IBM Sametime 8.5.2 y 9.0, bajo ciertas condiciones, proporciona a un usuario un mensaje de error demasiado detallado y que podría revelar detalles sobre la aplicación. IBM X-Force ID: 113813. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113813 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2975
https://notcve.org/view.php?id=CVE-2016-2975
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935. IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113935 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2980
https://notcve.org/view.php?id=CVE-2016-2980
The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Force ID: 113993. Sametime WebPlayer 8.5.2 y 9.0 es vulnerable a una inyección de script por la cual un sitio malicioso puede inyectar sus propios scripts mediante la explotación de una vulnerabilidad de la misma forma que funciona WebPlayer. IBM X-Force ID: 113993. • http://www.ibm.com/support/docview.wss?uid=swg22006447 http://www.securityfocus.com/bid/100531 https://exchange.xforce.ibmcloud.com/vulnerabilities/113993 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •