CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2978
https://notcve.org/view.php?id=CVE-2016-2978
IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938. IBM Sametime 8.5.2 y 9.0 podría almacenar de forma local información potencialmente sensible desde la caché del navegador y ponerla a disposición de un usuario local. IBM X-Force ID: 113938. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113938 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2016-2966
https://notcve.org/view.php?id=CVE-2016-2966
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847. IBM Sametime 8.5.2 y 9.0 podría permitir que un usuario autenticado enumere las salas de reuniones al descubrir sus ID de sala de reuniones. IBM X-Force ID: 113847. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113847 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0358
https://notcve.org/view.php?id=CVE-2016-0358
IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928. IBM Sametime 8.5.2 y 9.0 podría permitir que un usuario autenticado sin autorizar enumerase números de ID de grupos de chat y se uniese a reuniones a las que no ha sido invitado. IBM X-Force ID: 111928. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/111928 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2964
https://notcve.org/view.php?id=CVE-2016-2964
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813. IBM Sametime 8.5.2 y 9.0, bajo ciertas condiciones, proporciona a un usuario un mensaje de error demasiado detallado y que podría revelar detalles sobre la aplicación. IBM X-Force ID: 113813. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113813 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2975
https://notcve.org/view.php?id=CVE-2016-2975
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935. IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113935 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •