CVE-2023-50355 LOW

CVE-2023-50355: HCL Sametime is impacted by generation of error messages containing sensitive information

Vendor Hcl Software
Product Sametime
Weakness CWE-209 · Error message info leak
Published October 23, 2024
Last update October 24, 2024

CVSS base score

3.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack.

Key dates

02Disclosure timeline

October 23, 2024 CVE published
October 24, 2024 Record updated