Lucene search

HCLCVELIST:CVE-2021-27769

HistoryMay 12, 2022 - 9:25 p.m.

CVE-2021-27769 HCL Sametime is vulnerable to an information disclosure

2022-05-1221:25:24

CWE-472

HCL

www.cve.org

cve-2021-27769

information leakage

website disclosure

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

31.3%

JSON

Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible.

CNA Affected

[
  {
    "product": "Sametime",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "11.6"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097430

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

31.3%

JSON

Related for CVELIST:CVE-2021-27769