CVE-2014-4747Sensitive Information Exposure in IBM Sametime

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 80.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sametime
Timeline
PublishedJul 26
Latest updateMay 17

Description

The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/sametime10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-3w77-cv9r-g8qj: The Classic Meeting Server in IBM Sametime 82022-05-17
CVEList
CVE-2014-4747: The Classic Meeting Server in IBM Sametime 82014-07-26
CVE-2014-4747 — Sensitive Information Exposure in IBM | cvebase