Sametime Meeting Server
by IBM
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2972 | Hig | 0.51 | 7.8 | 0.00 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855. | ||
| CVE-2016-2965 | Med | 0.42 | 6.5 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846. | ||
| CVE-2016-2979 | Med | 0.35 | 5.4 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | ||
| CVE-2016-2976 | Med | 0.28 | 4.3 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936. | ||
| CVE-2016-2977 | Med | 0.28 | 4.3 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937. | ||
| CVE-2016-2969 | Med | 0.28 | 4.3 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850. | ||
| CVE-2016-2959 | Med | 0.28 | 4.3 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804. | ||
| CVE-2016-10503 | Med | 0.28 | 4.3 | 0.01 | Aug 29, 2017 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. IBM X-Force ID: 113803. | ||
| CVE-2016-2970 | Med | 0.28 | 4.3 | 0.01 | Aug 29, 2017 | IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851. |
- risk 0.51cvss 7.8epss 0.00
IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855.
- risk 0.42cvss 6.5epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846.
- risk 0.35cvss 5.4epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- risk 0.28cvss 4.3epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936.
- risk 0.28cvss 4.3epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937.
- risk 0.28cvss 4.3epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850.
- risk 0.28cvss 4.3epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804.
- risk 0.28cvss 4.3epss 0.01
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. IBM X-Force ID: 113803.
- risk 0.28cvss 4.3epss 0.01
IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851.