Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sametime vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-50349
Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. Some REST APIs in the Sametime Proxy application can allow an malicious user to perform malicious actions on the application.
Hcltech Sametime
8.8
CVSSv3
CVE-2021-27770
The vulnerability exists within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meetin...
Hcltech Sametime 11.6
8.8
CVSSv3
CVE-2019-10297
Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Jenkins Sametime
7.8
CVSSv3
CVE-2016-2972
IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855.
Ibm Sametime 9.0.0.1
Ibm Sametime 9.0.1
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.5.2.1
7.6
CVSSv3
CVE-2021-27771
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sendi...
Hcltech Sametime 11.6
6.5
CVSSv3
CVE-2022-42446
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
Hcltech Sametime 12.0
6.5
CVSSv3
CVE-2021-27772
Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. ...
Hcltech Sametime 11.6
6.5
CVSSv3
CVE-2016-0356
IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895.
Ibm Sametime 8.5.2.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.0
Ibm Sametime 9.0.0.1
Ibm Sametime 9.0.1
6.5
CVSSv3
CVE-2016-0355
IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894.
Ibm Sametime 8.5.2.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.0
Ibm Sametime 9.0.0.1
Ibm Sametime 9.0.1
6.5
CVSSv3
CVE-2016-2965
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846.
Ibm Sametime 9.0.0.1
Ibm Sametime 9.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »