Vulnerabilities > CVE-2013-3975 - Unspecified vulnerability in IBM Sametime
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ibm
metasploit
Summary
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a search.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 12 |
Metasploit
| description | This module extracts usernames using the IBM Lotus Notes Sametime web interface using either a dictionary attack (which is preferred), or a bruteforce attack trying all usernames of MAXDEPTH length or less. |
| id | MSF:AUXILIARY/GATHER/IBM_SAMETIME_ENUMERATE_USERS |
| last seen | 2020-06-08 |
| modified | 2017-07-24 |
| published | 2013-12-26 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/ibm_sametime_enumerate_users.rb |
| title | IBM Lotus Notes Sametime User Enumeration |