Описание
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files.
Уязвимые конфигурации
EPSS
8.2 High
CVSS3
7.6 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files.
EPSS
8.2 High
CVSS3
7.6 High
CVSS3
6.5 Medium
CVSS2