PT-2013-4118 · Ibm · Ibm Lotus Sametime

Published

2013-11-09

Updated

2017-08-29

CVE-2013-3044

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Lotus Sametime versions 8.5.2 through 8.5.2.1

Description The issue allows remote authenticated users to spoof the origin of chat messages or compose anonymous chat messages by leveraging meeting-attendance privileges.

Recommendations For versions 8.5.2 through 8.5.2.1, consider restricting meeting-attendance privileges to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2013-3044

Affected Products

Ibm Lotus Sametime

PT-2013-4118 · Ibm · Ibm Lotus Sametime

CVE-2013-3044

Weakness Enumeration

Related Identifiers

Affected Products

References · 3