Vulnerabilities > CVE-2023-45698 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime Chat and Meetings

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

hcltech

CWE-1021

NVD

Published: 2024-02-10

Updated: 2024-10-16

Summary

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Sametime Chat AND Meetings 12.0.1 Hcltech Sametime Chat AND Meetings 12.0 Hcltech Sametime Chat AND Meetings 11.6 Hcltech Sametime Chat AND Meetings 11.5	7

Common Weakness Enumeration (CWE)

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082