12.0.2

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

hcltech

NVD

Published: 2024-10-23

Updated: 2024-11-06

Summary

HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Sametime - Hcltech Sametime 11.6 Hcltech Sametime 12.0 Hcltech Sametime 12.0.2	5

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115627