Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3977 | 1 Ibm | 1 Sametime | 2017-08-29 | 4.3 MEDIUM | N/A |
| The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to determine which meeting rooms are owned by a user by leveraging knowledge of valid user names. | |||||
| CVE-2013-3988 | 1 Ibm | 1 Sametime | 2017-08-29 | 6.8 MEDIUM | N/A |
| The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2013-0553 | 1 Ibm | 2 Lotus Sametime, Sametime | 2017-08-29 | 3.5 LOW | N/A |
| The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat room, via a crafted Sametime Instant Message (IM). | |||||
| CVE-2013-3046 | 1 Ibm | 1 Sametime | 2017-08-29 | 4.3 MEDIUM | N/A |
| The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not send the HSTS Strict-Transport-Security header, which makes it easier for man-in-the-middle attackers to hijack sessions or obtain sensitive information by leveraging the presence of HTTP requests. | |||||
| CVE-2012-3308 | 1 Ibm | 1 Sametime | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat. | |||||
| CVE-2014-4747 | 1 Ibm | 1 Sametime | 2017-01-07 | 2.1 LOW | N/A |
| The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser. | |||||