Main Vulnerability Database Exploits ID:3950 - Exploit for Input validation error in Sametime - CVE-2013-3975

ID:3950 - Exploit for Input validation error in Sametime - CVE-2013-3975

Published: August 11, 2020

Vulnerability identifier: #VU41626

Vulnerability risk: Medium

CVE-ID: CVE-2013-3975

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Sametime

Link to public exploit:

https://www.rapid7.com/db/modules/auxiliary/gather/ibm_sametime_enumerate_users

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a search.

Remediation

Install update from vendor's website.

ID:3950 - Exploit for Input validation error in Sametime - CVE-2013-3975

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human