CVE-2023-45696 MEDIUM

CVE-2023-45696: HCL Sametime is impacted by an autocomplete enabled vulnerability

Vendor Hcl Software
Product HCL Sametime
Published February 10, 2024
Last update June 3, 2025

CVSS base score

4.0/10
Attack vector Physical
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. By default, this allows user entered data to be stored by the browser.

Key dates

02Disclosure timeline

February 10, 2024 CVE published
June 3, 2025 Record updated