Published on: Not Yet Published
Last Modified on: 05/13/2022 01:36:00 AM UTC
Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users knowledge.
- CVE-2021-27772 has been assigned by [email protected] to track the vulnerability
- Affected Vendor/Software: HCL Software - Sametime version 11.6
|Security Bulletin: Multiple security fixes available for HCL Sametime Proxy and Web chat client - Customer Support|| support.hcltechsw.com |