Jabber
CVEs (27)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9224 | Med | 0.42 | 6.5 | 0.01 | Dec 26, 2016 | A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.6(9). Known Fixed Releases: 11.0(0). | ||
| CVE-2017-12356 | Med | 0.40 | 6.1 | 0.01 | Nov 30, 2017 | A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2015-6409 | Med | 0.38 | 5.9 | 0.01 | Dec 26, 2015 | Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. | ||
| CVE-2017-12286 | Med | 0.36 | 5.5 | 0.00 | Oct 19, 2017 | A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and… | ||
| CVE-2017-12284 | Med | 0.36 | 5.5 | 0.00 | Oct 19, 2017 | A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input- and… | ||
| CVE-2017-12358 | Med | 0.35 | 5.4 | 0.01 | Nov 30, 2017 | A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to… | ||
| CVE-2017-12361 | Med | 0.26 | 4.0 | 0.00 | Nov 30, 2017 | A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to… | ||
| CVE-2022-20917 | 0.00 | — | 0.01 | Sep 15, 2023 | A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to… | |||
| CVE-2021-1569 | 0.00 | — | 0.01 | Jun 16, 2021 | Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the… | |||
| CVE-2021-1418 | 0.00 | — | 0.01 | Mar 24, 2021 | Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept… | |||
| CVE-2021-1417 | 0.00 | — | 0.01 | Mar 24, 2021 | Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept… | |||
| CVE-2021-1411 | 0.00 | — | 0.01 | Mar 24, 2021 | Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept… | |||
| CVE-2021-1469 | 0.00 | — | 0.01 | Mar 24, 2021 | Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept… | |||
| CVE-2020-26085 | 0.00 | — | 0.03 | Jan 6, 2021 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | |||
| CVE-2020-27134 | 0.00 | — | 0.02 | Dec 11, 2020 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | |||
| CVE-2020-27132 | 0.00 | — | 0.01 | Dec 11, 2020 | Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more… | |||
| CVE-2020-3430 | 0.00 | — | 0.04 | Sep 4, 2020 | A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper handling of input to the application protocol handlers. An attacker could… | |||
| CVE-2020-3495 | 0.00 | — | 0.62 | Sep 4, 2020 | A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted Extensible… | |||
| CVE-2020-3498 | 0.00 | — | 0.02 | Sep 4, 2020 | A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted messages… | |||
| CVE-2020-3537 | 0.00 | — | 0.01 | Sep 4, 2020 | A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially… |
- risk 0.42cvss 6.5epss 0.01
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.6(9). Known Fixed Releases: 11.0(0).
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.38cvss 5.9epss 0.01
Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419.
- risk 0.36cvss 5.5epss 0.00
A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and…
- risk 0.36cvss 5.5epss 0.00
A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input- and…
- risk 0.35cvss 5.4epss 0.01
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to…
- risk 0.26cvss 4.0epss 0.00
A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to…
- CVE-2022-20917Sep 15, 2023risk 0.00cvss —epss 0.01
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to…
- CVE-2021-1569Jun 16, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the…
- CVE-2021-1418Mar 24, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept…
- CVE-2021-1417Mar 24, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept…
- CVE-2021-1411Mar 24, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept…
- CVE-2021-1469Mar 24, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept…
- CVE-2020-26085Jan 6, 2021risk 0.00cvss —epss 0.03
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- CVE-2020-27134Dec 11, 2020risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- CVE-2020-27132Dec 11, 2020risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more…
- CVE-2020-3430Sep 4, 2020risk 0.00cvss —epss 0.04
A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper handling of input to the application protocol handlers. An attacker could…
- CVE-2020-3495Sep 4, 2020risk 0.00cvss —epss 0.62
A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted Extensible…
- CVE-2020-3498Sep 4, 2020risk 0.00cvss —epss 0.02
A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted messages…
- CVE-2020-3537Sep 4, 2020risk 0.00cvss —epss 0.01
A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially…
Page 1 of 2