Vulnerabilities > IBM > Sametime > 8.5.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2016-2979 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-08-29 | CVE-2016-2977 | Improper Input Validation vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. | 4.0 |
| 2017-08-29 | CVE-2016-2973 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-08-29 | CVE-2016-2972 | Credentials Management vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. | 2.1 |
| 2017-08-29 | CVE-2016-2971 | Information Exposure vulnerability in IBM Sametime IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. | 5.0 |
| 2017-08-29 | CVE-2016-2969 | Information Exposure vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. | 4.0 |
| 2017-08-29 | CVE-2016-2965 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. | 4.3 |
| 2017-08-29 | CVE-2016-2959 | Permissions, Privileges, and Access Controls vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. | 4.0 |
| 2017-08-29 | CVE-2016-10503 | Improper Input Validation vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. | 4.0 |
| 2017-08-29 | CVE-2016-0356 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sametime IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. | 4.0 |