exploitDog

CVE-2023-37540

Опубликовано: 23 фев. 2024

Источник: nvd

CVSS3: 3.9

EPSS Низкий

Описание

Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:sametime:*:*:*:*:*:*:*:*

Версия от 11.5 (включая) до 12.0.2 (исключая)

EPSS

Процентиль: 24%

0.0008

Низкий

3.9 Low

CVSS3

Дефекты

CWE-922

Связанные уязвимости

GHSA-qqr5-9j5g-m238

CVSS3: 3.9

github

почти 2 года назад

Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.

EPSS

Процентиль: 24%

0.0008

Низкий

3.9 Low

CVSS3

Дефекты

CWE-922