The Meeting Server in IBM Sametime 8.5.2 up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote malicious users to obtain sensitive information by leveraging an unattended workstation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm sametime 8.5.2.0 |
||
ibm sametime 9.0.0.1 |
||
ibm sametime 8.5.2.1 |
||
ibm sametime 9.0.0.0 |