Main Vulnerability Database Vulnerabilities #VU38394

Input validation error in Sametime - CVE-2016-10503

Published: August 29, 2017 / Updated: August 8, 2020

Vulnerability identifier: #VU38394

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2016-10503

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
Sametime

Detailed vulnerability description

The vulnerability allows a remote authenticated user to manipulate data.

IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. IBM X-Force ID: 113803.

How to mitigate CVE-2016-10503

Install update from vendor's website.

Sources

http://www.ibm.com/support/docview.wss?uid=swg22006439
https://exchange.xforce.ibmcloud.com/vulnerabilities/113803

Input validation error in Sametime - CVE-2016-10503

Detailed vulnerability description

How to mitigate CVE-2016-10503

Sources

Please verify you're human