CVE-2013-0534

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory.

Published: Jun 21, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-0534
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
ibm / lotus_sametime	8.5.2.1	8.5.2.1.x
ibm / sametime	8.5.2	8.5.2.x
ibm / lotus_sametime	8.5.1.2	8.5.1.2.x
ibm / sametime	8.5.2.1	8.5.2.1.x
ibm / sametime	8.5.1.1	8.5.1.1.x
ibm / lotus_sametime	8.5.2	8.5.2.x
ibm / lotus_sametime	8.5.1.1	8.5.1.1.x
ibm / lotus_sametime	8.5.1	8.5.1.x
ibm / sametime	8.5.1	8.5.1.x
ibm / sametime	8.5.1.2	8.5.1.2.x

http://www-01.ibm.com/support/docview.wss?uid=swg21635218
https://exchange.xforce.ibmcloud.com/vulnerabilities/82656

Vulnerability Database

289,697

CVE-2013-0534