NVD

Id
41650  
Name
CVE-2013-6742  
Description
The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2014-02-14  
Modified Date
2014-02-21  
Seq
2013-6742  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
210674 41650 CVE-2013-6742 http://www-01.ibm.com/support/docview.wss?uid=swg21662928  View
210675 41650 CVE-2013-6742 ibm-sametime-ms-cve20136742-autocomplete(89858)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24461 JVNDB-2013-006036 IBM Sametime の Meeting Server におけるアクセス権を取得される脆弱性 IBM Sametime の Meeting Server は、パスワードフィールドのオートコンプリート属性をオフにすることができないため、アクセス権を取得される脆弱性が存在します。 CVE-2013-6742 66684 CVE-2013-6742 41650 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006036.html 2013-11-08 2014-02-17 View