Lucene search
K

8 matches found

CVE
CVE
added 2024/02/09 8:15 p.m.72 views

CVE-2023-50349

CVE-2023-50349 affects HCL Sametime, specifically REST APIs in the Sametime Proxy, where a CSRF vulnerability can allow an attacker to perform malicious actions. The entry is supported by NVD data showing a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high impact ...

8.8CVSS8.7AI score0.00241EPSS
CVE
CVE
added 2024/10/23 3:17 p.m.66 views

CVE-2024-30124

CVE-2024-30124 affects HCL Sametime; an unused legacy REST service was enabled by default over HTTP in the UIM client. The issue allows a local attacker to potentially abuse the service endpoint, with the CVSS indicating Local access, low attack complexity, no privileges, and a LOW availability i...

4CVSS4.3AI score0.00166EPSS
CVE
CVE
added 2024/02/09 9:17 p.m.56 views

CVE-2023-45716

The CVE-2023-45716 entry involves IBM/HCL Sametime where sensitive information is transmitted in URLs, causing a potential information disclosure. Affected software is Sametime (HCL IBM Sametime family), with the underlying issue described as sensitive data leakage via URL parameters. Documented ...

4.1CVSS4.4AI score0.00124EPSS
CVE
CVE
added 2024/10/23 10:17 p.m.56 views

CVE-2023-50355

CVE-2023-50355 affects HCL Sametime, where error messages disclose sensitive information. This leakage could enable targeted follow-up attacks. Reported CVSS from NVD indicates MEDIUM base risk (C/L, A/N), with local/remote nuances in other sources. The connected documents do not provide a confir...

5.3CVSS4AI score0.0023EPSS
CVE
CVE
added 2024/10/23 2:59 p.m.56 views

CVE-2024-30122

CVE-2024-30122 affects HCL Sametime due to misconfigured security-related HTTP headers; some headers are missing from web service responses, causing browser default policy handling to be less secure. Root cause: HTTP header omissions in Sametime web responses. Documents provide descriptions acros...

5.8CVSS5.5AI score0.00214EPSS
CVE
CVE
added 2026/03/05 7:15 a.m.21 views

CVE-2026-21786

Technical details about CVE-2026-21786 are not publicly available in the provided documents. Monitor for updates.

3.3CVSS5.9AI score0.001EPSS
CVE
CVE
added 2026/03/17 11:29 a.m.15 views

CVE-2025-31966

CVE-2025-31966 : HCL Sametime is vulnerable due to broken server-side validation that fails to enforce client-side input checks. An attacker can bypass restrictions by sending manipulated HTTP requests directly to the server. The documented CVSS 3.1 metrics indicate a LOW base score (2.7), with n...

2.7CVSS5.9AI score0.00194EPSS
CVE
CVE
added 2026/03/10 10:10 a.m.13 views

CVE-2026-21791

CVE-2026-21791 affects HCL Sametime for Android. The vulnerability involves sensitive information disclosure where hostnames are written to application logs and certain URLs may be exposed. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) yields a LOW base score of 3.3, with local attack...

3.3CVSS5.8AI score0.00131EPSS