CVE-2012-3331
First published: Thu Feb 08 2018(Updated: )
IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Sametime | =6.5.1.0 | |
| IBM Sametime | =7.0.0.0 | |
| IBM Sametime | =7.5.0.0 | |
| IBM Sametime | =7.5.1.0 | |
| IBM Sametime | =7.5.1.1 | |
| IBM Sametime | =7.5.1.2 | |
| IBM Sametime | =8.0.0.0 | |
| IBM Sametime | =8.0.1.0 | |
| IBM Sametime | =8.0.2.0 | |
| IBM Sametime | =8.5.0.0 | |
| IBM Sametime | =8.5.1.0 | |
| IBM Sametime | =8.5.1.1 | |
| IBM Sametime | =8.5.1.2 | |
| IBM Sametime | =8.5.2.0 | |
| IBM Sametime | =8.5.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-3331?
The severity of CVE-2012-3331 is rated as medium with a score of 5.3.
How do I fix CVE-2012-3331?
To fix CVE-2012-3331, apply the latest security patches provided by IBM for affected versions of Sametime.
What is the impact of CVE-2012-3331?
CVE-2012-3331 allows remote attackers to obtain sensitive information from the Sametime Log database.
Which versions of IBM Sametime are affected by CVE-2012-3331?
CVE-2012-3331 affects IBM Sametime versions 6.5.1.0 through 8.5.2.1.
How can I verify if my IBM Sametime installation is vulnerable to CVE-2012-3331?
You can verify if your IBM Sametime installation is vulnerable by checking the version against the affected versions listed for CVE-2012-3331.
- collector/nvd-index
- vendor/ibm
- product/sametime
- canonical/ibm sametime