Vulnerabilities > Hcltech > Sametime
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-09 | CVE-2023-45716 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by sensitive information passed in URL. | 4.1 |
| 2024-02-09 | CVE-2023-50349 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. | 8.8 |
| 2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |
| 2022-05-12 | CVE-2021-27769 | Unspecified vulnerability in Hcltech Sametime 11.6 Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. | 5.0 |
| 2022-05-12 | CVE-2021-27770 | Unspecified vulnerability in Hcltech Sametime 11.6 The vulnerability was discovered within the “FaviconService”. | 8.8 |
| 2022-05-12 | CVE-2021-27771 | Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech Sametime 11.6 User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. | 6.5 |
| 2022-05-12 | CVE-2021-27772 | Unspecified vulnerability in Hcltech Sametime 11.6 Users are able to read group conversations without actively taking part in them. | 4.0 |
| 2022-05-12 | CVE-2021-27773 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime 11.6 This vulnerability allows users to execute a clickjacking attack in the meeting's chat. | 4.3 |