CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2012-3331
https://notcve.org/view.php?id=CVE-2012-3331
IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048. IBM Sametime permite que atacantes remotos obtengan información sensible de la base de datos de Sametime Log mediante una petición directa a STLOG.NSF. IBM X-Force ID: 78048. • http://www-01.ibm.com/support/docview.wss?uid=swg21613895 https://exchange.xforce.ibmcloud.com/vulnerabilities/78048 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2967
https://notcve.org/view.php?id=CVE-2016-2967
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Sametime away message altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113848. IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en el mensaje de ausente de Sametime, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113848 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2978
https://notcve.org/view.php?id=CVE-2016-2978
IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938. IBM Sametime 8.5.2 y 9.0 podría almacenar de forma local información potencialmente sensible desde la caché del navegador y ponerla a disposición de un usuario local. IBM X-Force ID: 113938. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113938 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2016-2966
https://notcve.org/view.php?id=CVE-2016-2966
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847. IBM Sametime 8.5.2 y 9.0 podría permitir que un usuario autenticado enumere las salas de reuniones al descubrir sus ID de sala de reuniones. IBM X-Force ID: 113847. • http://www.ibm.com/support/docview.wss?uid=swg22006441 http://www.securityfocus.com/bid/100572 https://exchange.xforce.ibmcloud.com/vulnerabilities/113847 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2974
https://notcve.org/view.php?id=CVE-2016-2974
IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934. IBM Sametime Connect 8.5.2 y 9.0, después de desinstalar Sametime Rich Client, podría divulgar información potencialmente sensible sobre el entorno de Sametime, así como de otros usuarios que se encuentren en la misma máquina local del usuario. IBM X-Force ID: 113934. • http://www.ibm.com/support/docview.wss?uid=swg22006444 http://www.securityfocus.com/bid/100528 https://exchange.xforce.ibmcloud.com/vulnerabilities/113934 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •