What is CVE-2017-12361?

CVE-2017-12361 is a medium-severity vulnerability in Cisco Jabber, classified under Information Disclosure. CVSS score: 4.0/10. Published 2017-11-30.

How severe is CVE-2017-12361?

Medium severity. CVSS v3 base score is 4.0 out of 10.

Information disclosure in Cisco Jabber

CVE-2017-12361

A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional…

Vulnerability class: Information Disclosure

EPSS: 0.001 (33.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Cisco Jabber — versions 11.8\(0\), 11.8\(1\), 11.8\(2\)
N/a Cisco Jabber — versions Cisco Jabber

Weakness classification (CWE)

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-12361?: CVE-2017-12361 is a medium-severity vulnerability in Cisco Jabber, classified under Information Disclosure. CVSS score: 4.0/10. Published 2017-11-30.
How severe is CVE-2017-12361?: Medium severity. CVSS v3 base score is 4.0 out of 10.