CVE-2023-45718
3.9
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happens, cookie values can remain valid even after a user has closed out their session.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HCL Software | HCL Sametime | 11.5, 11.6, 11.6 IF1, 12.0, 12.0 FP1, 12.0.1, 12.0.1 FP1 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.