exploitDog

CVE-2024-30124

Опубликовано: 23 окт. 2024

Источник: nvd

CVSS3: 4

EPSS Низкий

Описание

HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115627
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:sametime:*:*:*:*:*:*:*:*

Версия до 12.0.2 (исключая)

cpe:2.3:a:hcltech:sametime:12.0.2:-:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00076

Низкий

4 Medium

CVSS3

Дефекты

CWE-1188

Связанные уязвимости

GHSA-wfjj-9rr8-m3rh

CVSS3: 4

github

больше 1 года назад

HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously.

EPSS

Процентиль: 23%

0.00076

Низкий

4 Medium

CVSS3

Дефекты

CWE-1188