CVE-2024-30122 MEDIUM

CVE-2024-30122: HCL Sametime is impacted by misconfigured security related HTTP headers

Vendor Hcl Software
Product Sametime
Published October 23, 2024
Last update November 25, 2024

CVSS base score

5.8/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers.

Key dates

02Disclosure timeline

October 23, 2024 CVE published
November 25, 2024 Record updated