CVE-2016-2974Sensitive Information Exposure in IBM Sametime

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 80.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sametime
Timeline
PublishedAug 29
Latest updateMay 17

Description

IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/sametime5 versions+4
NVDibm/sametime5 versions+4

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-72mx-gcxg-xg6f: IBM Sametime Connect 82022-05-17
CVEList
CVE-2016-2974: IBM Sametime Connect 82017-08-29
CVE-2016-2974 — Sensitive Information Exposure in IBM | cvebase