Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sametime vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-50349
Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. Some REST APIs in the Sametime Proxy application can allow an malicious user to perform malicious actions on the application.
Hcltech Sametime
8.8
CVSSv3
CVE-2019-10297
Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Jenkins Sametime
6.5
CVSSv3
CVE-2022-42446
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
Hcltech Sametime 12.0
NA
CVE-2007-6295
Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime prior to 8.0 allows remote malicious users to inject arbitrary web script or HTML via the URI.
Ibm Lotus Sametime
5.5
CVSSv3
CVE-2021-27753
"Sametime Android PathTraversal Vulnerability"
Hcltech Hcl Sametime
5.5
CVSSv3
CVE-2021-27755
"Sametime Android potential path traversal vulnerability when using File class"
Hcltech Hcl Sametime
8.8
CVSSv3
CVE-2021-27770
The vulnerability exists within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meetin...
Hcltech Sametime 11.6
NA
CVE-2007-4142
Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 prior to 20070731 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting.
Ibm Lotus Sametime
5.3
CVSSv3
CVE-2021-27769
Information leakage occurs when a website reveals information that could aid an malicious user to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for ...
Hcltech Sametime 11.6
7.6
CVSSv3
CVE-2021-27771
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sendi...
Hcltech Sametime 11.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »