Cisco Jabber
10 CVEs affecting Cisco Jabber. Latest disclosed: 2017-11-30. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12356 | Medium | 6.1 | 2017-11-30 | A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to con… |
CVE-2015-6409 | Medium | 5.9 | 2015-12-26 | Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions… |
CVE-2017-12286 | Medium | 5.5 | 2017-10-19 | A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected softwa… |
CVE-2017-12284 | Medium | 5.5 | 2017-10-19 | A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, whic… |
CVE-2017-12358 | Medium | 5.4 | 2017-11-30 | A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote attacker to condu… |
CVE-2017-12361 | Medium | 4.0 | 2017-11-30 | A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An att… |
CVE-2015-4218 | | 2015-06-24 | The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a cra… | |
CVE-2014-0666 | | 2014-01-16 | Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload ar… | |
CVE-2013-1228 | | 2013-09-06 | Cisco Jabber on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify the client-se… | |
CVE-2013-3393 | | 2013-06-26 | The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of… |