First published: Fri Feb 09 2024(Updated: )
Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happens, cookie values can remain valid even after a user has closed out their session.
Credit: psirt@hcl.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hcltech Sametime | >=11.5<12.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.