CVE-2013-3985
published 2013-11-09CVE-2013-3985: The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read…
low2.9CVSS 3.1
AVAACMAuNCPINAN
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak setting of the Domain variable.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | lotus_sametime | — | — |
| ibm | lotus_sametime | — | — |