Vulnerability Details CVE-2024-30124
HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.2%
CVSS Severity
CVSS v3 Score 4.0
Products affected by CVE-2024-30124
-
cpe:2.3:a:hcltech:sametime:-
-
cpe:2.3:a:hcltech:sametime:11.5
-
cpe:2.3:a:hcltech:sametime:11.6
-
cpe:2.3:a:hcltech:sametime:12.0
-
cpe:2.3:a:hcltech:sametime:12.0.1
-
cpe:2.3:a:hcltech:sametime:12.0.2