Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak setting of the Domain variable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Lotus Sametime Enterprise Meeting Server 安全漏洞
Vulnerability Description
IBM Lotus Sametime是美国IBM公司的一套即时通讯软件。该软件集成了企业即时消息传递、网络会议、电话和视频会议,企业内外的人员可实时进行远程协作。 IBM Lotus Sametime 8.5.2和8.5.2.1版本中的Enterprise Meeting Server中存在安全漏洞,该漏洞源于程序没有正确限制使用应用cookie。远程攻击者可借助Domain变量利用该漏洞读取会话变量。
CVSS Information
N/A
Vulnerability Type
N/A