3 matches found
IBM Lotus Sametime Connect Audio / Video Chat Information Disclosure
The version of IBM Lotus Sametime Connect installed on the remote Windows host is potentially affected by an information disclosure vulnerability. If a user sets a certain log flag to high and uses Audio/Video chat, the user's password is stored in plaintext unencrypted. C Tenable Network Securit...
CVE-2014-0890
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony..level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by...
CVE-2014-0890
IBM Sametime Connect (LAN/Enterprise) clients 8.5.1 to 9.0.0.1 are affected by an information-disclosure vulnerability (CVE-2014-0890). When a specific verbose logging level is enabled for Audio/Video chat, passwords are logged in plaintext or unencrypted in log files, allowing local users to obt...