CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2974
https://notcve.org/view.php?id=CVE-2016-2974
IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934. IBM Sametime Connect 8.5.2 y 9.0, después de desinstalar Sametime Rich Client, podría divulgar información potencialmente sensible sobre el entorno de Sametime, así como de otros usuarios que se encuentren en la misma máquina local del usuario. IBM X-Force ID: 113934. • http://www.ibm.com/support/docview.wss?uid=swg22006444 http://www.securityfocus.com/bid/100528 https://exchange.xforce.ibmcloud.com/vulnerabilities/113934 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2976
https://notcve.org/view.php?id=CVE-2016-2976
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936. IBM Sametime Meeting Server 8.5.2 y 9.0 podría permitir que un invitado a una reunión obtenga información sensible previamente limpiada viendo el historial de informes de reunión. IBM X-Force ID: 113936. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113936 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0358
https://notcve.org/view.php?id=CVE-2016-0358
IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928. IBM Sametime 8.5.2 y 9.0 podría permitir que un usuario autenticado sin autorizar enumerase números de ID de grupos de chat y se uniese a reuniones a las que no ha sido invitado. IBM X-Force ID: 111928. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/111928 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2964
https://notcve.org/view.php?id=CVE-2016-2964
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813. IBM Sametime 8.5.2 y 9.0, bajo ciertas condiciones, proporciona a un usuario un mensaje de error demasiado detallado y que podría revelar detalles sobre la aplicación. IBM X-Force ID: 113813. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113813 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2975
https://notcve.org/view.php?id=CVE-2016-2975
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935. IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113935 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •