CVE-2023-45696

CVSS 3.1 Score 4.0 of 10 (medium)

Details

Published Feb 10, 2024
Updated: Feb 11, 2024

Summary

CVE-2023-45696 is a vulnerability in IBM Sametime's Legacy web chat client. Sensitive fields in the client have autocomplete enabled, so web browsers store user-entered data in them by default. This could expose sensitive information, such as passwords or confidential messages, to unauthorized users who gain access to the affected system or browser history. Organizations using Sametime are advised to disable autocomplete for sensitive fields or implement additional security measures to mitigate this risk.
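One way to check your own pages for the condition described above, as an added example that is not code from the vendor or from this advisory: a small audit that parses HTML and reports sensitive fields whose effective autocomplete setting is not `off`. The list of sensitive name fragments and the sample markup are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumption: name/id fragments treated as sensitive; tune for the application under review.
SENSITIVE_HINTS = ("pass", "pwd", "secret", "token", "message", "chat")
# Input types that take no typed text, so browser form history does not apply.
NON_TEXT_TYPES = {"hidden", "submit", "button", "reset", "checkbox", "radio", "file", "image"}

class AutocompleteAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.form_setting = None  # autocomplete value of the enclosing <form>, if any
        self.findings = []        # (line, field name, effective setting)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").strip().lower() for k, v in attrs}
        if tag == "form":
            self.form_setting = a.get("autocomplete")
            return
        if tag not in ("input", "textarea"):
            return
        ftype = a.get("type", "text")
        if ftype in NON_TEXT_TYPES:
            return
        label = a.get("name") or a.get("id") or ""
        sensitive = ftype == "password" or any(h in label for h in SENSITIVE_HINTS)
        # A field without its own attribute inherits the form's; the default is "on".
        effective = a.get("autocomplete") or self.form_setting or "on"
        if sensitive and effective != "off":
            line, _ = self.getpos()
            self.findings.append((line, label or tag, effective))

    def handle_endtag(self, tag):
        if tag == "form":
            self.form_setting = None

def audit(html):
    parser = AutocompleteAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample markup, not taken from Sametime.
SAMPLE = """<form action="/login" method="post">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="hidden" name="csrf_token" value="x">
</form>
<form action="/chat" autocomplete="off">
  <textarea name="message"></textarea>
  <input type="text" name="chat_topic" autocomplete="on">
</form>"""

if __name__ == "__main__":
    for line, field, setting in audit(SAMPLE):
        print(f"line {line}: {field!r} autocomplete={setting}")
```

Modern browsers may still offer to save credentials for login fields marked `autocomplete="off"`, so treat a clean result as covering form history only and handle password-manager behaviour separately.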
