What is CVE-2020-27127?

CVE-2020-27127 is a critical-severity vulnerability in Cisco Jabber, classified under Insertion of Sensitive Information into Sent Data. CVSS score: 9.9/10. Published 2020-12-11.

How severe is CVE-2020-27127?

Critical severity. CVSS v3 base score is 9.9 out of 10.

Vulnerability in Cisco Jabber

CVE-2020-27127

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access t…

EPSS: 0.004 (63.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Cisco Jabber — versions n/a

Weakness classification (CWE)

CWE-201 — Insertion of Sensitive Information into Sent Data

References

20201210 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-27127?: CVE-2020-27127 is a critical-severity vulnerability in Cisco Jabber, classified under Insertion of Sensitive Information into Sent Data. CVSS score: 9.9/10. Published 2020-12-11.
How severe is CVE-2020-27127?: Critical severity. CVSS v3 base score is 9.9 out of 10.