Unrated severityNVD Advisory· Published Nov 30, 2022· Updated Apr 24, 2025
HCL Sametime 12.0 and 12.0FP1 anonymous users have directory lookup access
CVE-2022-42446
Description
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
Affected products
2- Range: 12.0, 12.0FP1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.