Vulnerabilities > Cisco > Jabber

DATE CVE VULNERABILITY TITLE RISK
2023-09-15 CVE-2022-20917 Unspecified vulnerability in Cisco Jabber
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software.
network
low complexity
cisco
4.3
2021-06-16 CVE-2021-1569 Improper Input Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
6.5
2021-06-16 CVE-2021-1570 Improper Input Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
6.5
2021-03-24 CVE-2021-1418 Unspecified vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco
6.5
2021-03-24 CVE-2021-1417 Unspecified vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco
6.5
2021-03-24 CVE-2021-1411 Unspecified vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco
critical
9.9
2021-03-24 CVE-2021-1471 Improper Certificate Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
high complexity
cisco CWE-295
5.6
2021-03-24 CVE-2021-1469 Improper Input Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
7.2
2021-01-07 CVE-2020-26085 OS Command Injection vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.
network
low complexity
cisco CWE-78
critical
9.9
2020-12-11 CVE-2020-27134 Information Exposure vulnerability in Cisco Jabber and Jabber for Mobile Platforms
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.
network
low complexity
cisco CWE-200
critical
9.9