Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not check whether a session cookie is current, which allows remote attackers to conduct user-search actions by leveraging possession of a (1) expired or (2) invalidated cookie.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Sametime Meeting Server 权限许可和访问控制漏洞
Vulnerability Description
IBM Sametime是美国IBM公司的一套下一代社交通信工具。该工具通过集成音频语音、数据和视频,帮助用户实现实时业务协作。 IBM Sametime 8.x至8.5.2.1版本和9.0.0.0版本的Meeting Server中存在安全漏洞,该漏洞源于程序没有检查会话cookie是否为当前会话cookie。远程攻击者可利用该漏洞执行用户搜索操作。
CVSS Information
N/A
Vulnerability Type
N/A