Vulnerabilities > Hcltech > Sametime
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2023-50355 | Information Exposure Through an Error Message vulnerability in Hcltech Sametime 11.6/12.0/12.0.2 HCL Sametime is impacted by the error messages containing sensitive information. | 5.3 |
| 2024-10-23 | CVE-2024-30122 | Unspecified vulnerability in Hcltech Sametime 11.6/12.0/12.0.2 HCL Sametime is impacted by misconfigured security related HTTP headers. | 5.3 |
| 2024-02-10 | CVE-2023-45696 | Unspecified vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. | 7.5 |
| 2024-02-09 | CVE-2023-45716 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by sensitive information passed in URL. | 4.1 |
| 2024-02-09 | CVE-2023-45718 | Session Fixation vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a failure to invalidate sessions. | 7.5 |
| 2024-02-09 | CVE-2023-50349 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. | 8.8 |
| 2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |
| 2022-05-12 | CVE-2021-27769 | Unspecified vulnerability in Hcltech Sametime 11.6 Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. | 5.3 |
| 2022-05-12 | CVE-2021-27770 | Unspecified vulnerability in Hcltech Sametime 11.6 The vulnerability was discovered within the “FaviconService”. | 8.8 |
| 2022-05-12 | CVE-2021-27771 | Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech Sametime 11.6 User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. | 7.6 |