Browser Cache Exposure in IBM Sametime Product by IBM
CVE-2016-2978

3.3LOW

Key Information:

Vendor

IBM
Status
Sametime
Vendor
CVE Published:
29 August 2017

What is CVE-2016-2978?

IBM Sametime versions 8.5.2 and 9.0 have a vulnerability where potentially sensitive information can be stored in the local browser cache. This behavior may allow local users to access stored data, raising security concerns regarding data confidentiality. It is essential for users of affected versions to be aware of this issue and to take necessary precautions to mitigate any risks associated with unauthorized access to sensitive information.

Affected Version(s)

Sametime 8.5.2

Sametime 8.5.2.1

Sametime 9.0

References

http://www.ibm.com/support/docview.wss?uid=swg22006441
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/113938
x_refsource_MISC
http://www.securityfocus.com/bid/100572
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.