Vulnerabilities > Hcltech > Sametime > 12.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2023-50355 | Information Exposure Through an Error Message vulnerability in Hcltech Sametime 11.6/12.0/12.0.2 HCL Sametime is impacted by the error messages containing sensitive information. | 5.3 |
| 2024-10-23 | CVE-2024-30122 | Unspecified vulnerability in Hcltech Sametime 11.6/12.0/12.0.2 HCL Sametime is impacted by misconfigured security related HTTP headers. | 5.3 |
| 2024-02-10 | CVE-2023-45696 | Unspecified vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. | 7.5 |
| 2024-02-09 | CVE-2023-45716 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by sensitive information passed in URL. | 4.1 |
| 2024-02-09 | CVE-2023-45718 | Session Fixation vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a failure to invalidate sessions. | 7.5 |
| 2024-02-09 | CVE-2023-50349 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. | 8.8 |
| 2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |