CVE-2022-42446

Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hcltech:sametime:12.0:-:*:*:*:*:*:*
cpe:2.3:a:hcltech:sametime:12.0:fp1:*:*:*:*:*:*

History

07 Nov 2023, 03:53

Type Values Removed Values Added
Summary Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users. Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.

Information

Published : 2022-12-12 13:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-42446

Mitre link : CVE-2022-42446

CVE.ORG link : CVE-2022-42446


JSON object : View

Products Affected

hcltech

  • sametime
CWE
CWE-276

Incorrect Default Permissions