Vulnerability Type: Information disclosure
The information below is from TN 1613895
CVE ID: CVE-2012-3331
By default, anonymous / unauthenticated users can access the Sametime Log database (STLOG.NSF).
This database provides a variety of potentially sensitive information including canonical usernames, and client IP addresses.
For example, from the page http://22.214.171.124/stlog.nsf, select the link "Community Server Login and Logout Events by User".
Steps to Reproduce Vulnerability: http://126.96.36.199/stlog.nsf
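The reproduction step above is a single unauthenticated GET; the script below turns it into a repeatable check. It is an added example written for this note, not IBM tooling and not part of the technical note. It assumes (the advisory does not say this) that a Domino server denying anonymous access answers with HTTP 401 or redirects to its session-login form under names.nsf?Login, and that a readable STLOG.NSF returns 200 with a page listing the "Community Server Login and Logout Events by User" view named above. The sample responses are constructed, not captured from a real server.

```python
"""Anonymous-access check for the Sametime log database (STLOG.NSF).

Added example for this advisory, not IBM's own tooling. Assumptions (not stated in
the advisory): a server that denies anonymous access answers 401 or redirects to
names.nsf?Login; a readable STLOG.NSF returns 200 and lists the view named above.
"""
import sys
import urllib.error
import urllib.request
from typing import Dict, Tuple

Response = Tuple[int, Dict[str, str], str]  # status, headers, body

LOGIN_FORM_MARKER = "names.nsf?login"     # assumption: Domino session-login redirect target
VIEW_MARKER = "login and logout events"   # view title quoted in the advisory


def classify_response(status: int, headers: Dict[str, str], body: str) -> str:
    """Classify one anonymous GET /stlog.nsf response.

    'exposed'   - log views served to an unauthenticated client
    'protected' - credentials demanded or access refused
    'absent'    - no such database on this server
    'unknown'   - e.g. a 200 that is not the log views (custom denied page); inspect by hand
    """
    hdrs = {k.lower(): v for k, v in headers.items()}
    if status == 401 or "www-authenticate" in hdrs:
        return "protected"
    if status in (301, 302, 303, 307, 308):
        return "protected" if LOGIN_FORM_MARKER in hdrs.get("location", "").lower() else "unknown"
    if status == 403:
        return "protected"
    if status == 404:
        return "absent"
    if status == 200:
        return "exposed" if VIEW_MARKER in body.lower() else "unknown"
    return "unknown"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx responses instead of following them, so a login redirect stays visible."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def fetch_anonymous(url: str, timeout: float = 10.0) -> Response:
    """Send one GET with no credentials, no cookies and no redirect following."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(url, headers={"User-Agent": "stlog-check/1.0"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.status, dict(resp.headers), resp.read(1 << 16).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        # 3xx/4xx/5xx land here; the response is still the answer we want to classify.
        return err.code, dict(err.headers), err.read(1 << 16).decode("utf-8", "replace")


def check_server(base_url: str) -> str:
    """Classify the live server at base_url (e.g. http://sametime.example.test)."""
    return classify_response(*fetch_anonymous(base_url.rstrip("/") + "/stlog.nsf"))


# Constructed sample responses (not captured from a real server), one per outcome.
SAMPLE_RESPONSES: Dict[str, Response] = {
    "default-open": (200, {"Content-Type": "text/html"},
                     '<a href="/stlog.nsf/view?OpenView">Community Server Login and '
                     'Logout Events by User</a>'),
    "session-login": (302, {"Location": "/names.nsf?Login&RedirectTo=/stlog.nsf"}, ""),
    "basic-auth": (401, {"WWW-Authenticate": 'Basic realm="/stlog.nsf"'}, ""),
    "custom-denied": (200, {"Content-Type": "text/html"}, "<h1>You are not authorized</h1>"),
    "no-database": (404, {}, "Not Found"),
}


def run_samples() -> Dict[str, str]:
    """Classify every constructed sample; used to sanity-check the classifier offline."""
    return {name: classify_response(*resp) for name, resp in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    if len(sys.argv) == 2:
        print(f"{sys.argv[1]}: {check_server(sys.argv[1])}")
    else:
        for name, verdict in run_samples().items():
            print(f"{name:15s} {verdict}")
```

Run it with the server's base URL as the only argument; with no argument it classifies the constructed samples. A verdict of "unknown" on a 200 means the body was not recognised as the log views and should be read by hand before concluding the server is fixed.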
Note that access to the host on which the Sametime servers run should be possible only from within the organization. In addition, these servers should not be made HTTP-accessible to any machine in the organization.