CVE-2013-6727 — IBM Sametime vulnerability

CWE-2644 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.2%

top 58.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sametime

Timeline

PublishedJan 31

Latest updateMay 17

Description

The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/sametime8.5.2.0, 8.5.2.1, 9.0.0.0+2

🔴Vulnerability Details

GHSA

GHSA-2qfj-7536-f6x2: The Connect client in IBM Sametime 8↗2022-05-17

▶

CVEList

CVE-2013-6727: The Connect client in IBM Sametime 8↗2014-01-31

▶

💬Community

Bugzilla

CVE-2013-7444 CVE-2015-6737 CVE-2015-6736 CVE-2015-6727 CVE-2015-6733 CVE-2015-6732 CVE-2015-6731 CVE-2015-6730 CVE-2015-6728 CVE-2015-6729 CVE-2015-6735 CVE-2015-6734 mediawiki: multiple security fix↗2015-08-13

▶