{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2023-37540",
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "state": "PUBLISHED",
        "assignerShortName": "HCL",
        "dateReserved": "2023-07-06T16:29:45.713Z",
        "datePublished": "2024-02-23T07:00:59.008Z",
        "dateUpdated": "2024-08-02T17:16:30.483Z"
    },
    "containers": {
        "cna": {
            "affected": [
                {
                    "defaultStatus": "unaffected",
                    "product": "HCL Sametime Chat",
                    "vendor": "HCL Software",
                    "versions": [
                        {
                            "status": "affected",
                            "version": "11.5, 11.6, 11.6 IF1, 12.0, 12.0 FP1, 12.0.1, 12.0.1 FP1"
                        }
                    ]
                }
            ],
            "datePublic": "2024-02-23T06:06:00.000Z",
            "descriptions": [
                {
                    "lang": "en",
                    "supportingMedia": [
                        {
                            "base64": false,
                            "type": "text/html",
                            "value": "<span style=\"background-color: rgb(255, 255, 255);\">Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.</span><br>"
                        }
                    ],
                    "value": "Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.\n"
                }
            ],
            "metrics": [
                {
                    "cvssV3_1": {
                        "attackComplexity": "LOW",
                        "attackVector": "LOCAL",
                        "availabilityImpact": "NONE",
                        "baseScore": 3.9,
                        "baseSeverity": "LOW",
                        "confidentialityImpact": "LOW",
                        "integrityImpact": "LOW",
                        "privilegesRequired": "LOW",
                        "scope": "UNCHANGED",
                        "userInteraction": "REQUIRED",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
                        "version": "3.1"
                    },
                    "format": "CVSS",
                    "scenarios": [
                        {
                            "lang": "en",
                            "value": "GENERAL"
                        }
                    ]
                }
            ],
            "providerMetadata": {
                "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
                "shortName": "HCL",
                "dateUpdated": "2024-02-23T07:00:59.008Z"
            },
            "references": [
                {
                    "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082"
                }
            ],
            "source": {
                "discovery": "UNKNOWN"
            },
            "title": "HCL Sametime Chat is affected by an unimplemented feature in the UI ",
            "x_generator": {
                "engine": "Vulnogram 0.1.0-dev"
            }
        },
        "adp": [
            {
                "metrics": [
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "id": "CVE-2023-37540",
                                "role": "CISA Coordinator",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "version": "2.0.3",
                                "timestamp": "2024-02-23T14:33:43.818856Z"
                            }
                        }
                    }
                ],
                "title": "CISA ADP Vulnrichment",
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-07-05T17:21:58.027Z"
                }
            },
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-02T17:16:30.483Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            }
        ]
    }
}