Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL Sametime is vulnerable to an information disclosure
Vulnerability Description
Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users knowledge.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Vulnerability Type
授权机制不恰当
Vulnerability Title
HCL Technologies HCL Sametime 授权问题漏洞
Vulnerability Description
HCL Sametime是HCL Technologies的一个会议解决方案。 HCL Sametime 11.6 版本存在授权问题漏洞,该漏洞源于应用中用户无需主动参与即可阅读群组对话。攻击者可以利用该漏洞实现敏感信息读取。
CVSS Information
N/A
Vulnerability Type
N/A