Lucene search

IbmCVE-2013-0553

HistoryApr 28, 2013 - 3:24 a.m.

CVE-2013-0553

2013-04-2803:24:14

ibm

web.nvd.nist.gov

ibm

sametime

cve-2013-0553

vulnerability

security

nvd

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

29.2%

JSON

The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat room, via a crafted Sametime Instant Message (IM).

Affected configurations

Nvd

Node

ibmlotus_sametimeMatch8.5.1

ibmlotus_sametimeMatch8.5.1.1

ibmsametimeMatch8.5.2.0

ibmsametimeMatch8.5.2.1

VendorProductVersionCPE
ibmlotus_sametime8.5.1cpe:2.3:a:ibm:lotus_sametime:8.5.1:*:*:*:*:*:*:*
ibmlotus_sametime8.5.1.1cpe:2.3:a:ibm:lotus_sametime:8.5.1.1:*:*:*:*:*:*:*
ibmsametime8.5.2.0cpe:2.3:a:ibm:sametime:8.5.2.0:*:*:*:*:*:*:*
ibmsametime8.5.2.1cpe:2.3:a:ibm:sametime:8.5.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_sametime	8.5.1	cpe:2.3:a:ibm:lotus_sametime:8.5.1:::::::*
ibm	lotus_sametime	8.5.1.1	cpe:2.3:a:ibm:lotus_sametime:8.5.1.1:::::::*
ibm	sametime	8.5.2.0	cpe:2.3:a:ibm:sametime:8.5.2.0:::::::*
ibm	sametime	8.5.2.1	cpe:2.3:a:ibm:sametime:8.5.2.1:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg21633618

exchange.xforce.ibmcloud.com/vulnerabilities/82915

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.001

Percentile

29.2%

JSON

Related for CVE-2013-0553