CVE-2021-27771
HCL Sametime is susceptible to a file transfer service vulnerability
In short
HCL Sametime has a vulnerability where attackers can modify a user's session ID cookie to upload unauthorized files or delete directories, disrupting the service. This happens because the application uses the same session ID for both chat and file transfer without proper validation.
Technical detail
The vulnerability allows attackers to manipulate the SID (Session ID) cookie used in file transfer operations, enabling arbitrary file upload (CWE-434) and directory deletion via path traversal (CWE-22). The attack requires interaction with the Sametime chat application and results in both integrity compromise and denial of service.
Summary generated and translated by AI from the official description.
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal manner with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
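A server-side check for the flaw class described above, as an added example that is not HCL's code and not part of the official description: it treats the SID cookie as untrusted input before the value is used to locate a file-transfer directory. That the SID names a directory, the SID format, the function names and the `/srv/transfers` root are all assumptions made for illustration.

```python
import hmac
import re
from pathlib import Path

# Assumed SID format for this sketch: 32 to 64 lowercase hex characters.
SID_PATTERN = re.compile(r"[0-9a-f]{32,64}")
# Hypothetical transfer root; it does not need to exist for the checks to run.
ROOT = "/srv/transfers"
# Constructed sample SIDs, not taken from any real deployment.
GOOD_SID = "a3" * 16
OTHER_SID = "b4" * 16


class RejectedRequest(Exception):
    """Raised when a file-transfer request fails validation."""


def transfer_dir(base_dir, authenticated_sid, cookie_sid):
    """Return the per-session transfer directory or raise RejectedRequest.

    authenticated_sid: SID the server recorded when the user logged in.
    cookie_sid: SID the client sent with the file-transfer request.
    """
    # 1. Strict allowlist: separators, dots and control bytes never pass.
    if not SID_PATTERN.fullmatch(cookie_sid):
        raise RejectedRequest("malformed SID")
    # 2. Bind the request to the server-side session (constant-time compare).
    if not hmac.compare_digest(cookie_sid.encode(), authenticated_sid.encode()):
        raise RejectedRequest("SID does not match authenticated session")
    # 3. Containment as defence in depth: after resolving symlinks, the
    #    target must still be a direct child of the transfer root.
    base = Path(base_dir).resolve()
    target = (base / cookie_sid).resolve()
    if target.parent != base:
        raise RejectedRequest("path escapes transfer root")
    return target


def check(base_dir, authenticated_sid, cookie_sid):
    """Return 'ok' or the rejection reason, for logging and tests."""
    try:
        transfer_dir(base_dir, authenticated_sid, cookie_sid)
        return "ok"
    except RejectedRequest as exc:
        return str(exc)
```

Every upload and delete handler would call `transfer_dir` and operate only on the path it returns, so a modified cookie is rejected before any filesystem operation runs.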
Affected products
HCL Software · Sametime