CVE-2016-2974
low
CVSS v3
3.3
CVSS v2
2.1
VIR risk
3.3
Description
IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934.
Predictions
Exploit likelihood
34%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@us.ibm.com — https://exchange.xforce.ibmcloud.com/vulnerabilities/113934
Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/support/docview.wss?uid=swg22006444
References
- http://www.ibm.com/support/docview.wss?uid=swg22006444
- http://www.securityfocus.com/bid/100528
- https://exchange.xforce.ibmcloud.com/vulnerabilities/113934
- http://www.ibm.com/support/docview.wss?uid=swg22006444
- http://www.securityfocus.com/bid/100528
- https://exchange.xforce.ibmcloud.com/vulnerabilities/113934
CWEs
CWE-200
Verify integrity in audit chain (admin only). AS-IS.