CVE-2022-42446

Summary

Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL Sametime12.0, 12.0FP1affected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References