Vulnerabilities > Cisco > Jabber > 11.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-15 | CVE-2022-20917 | Unspecified vulnerability in Cisco Jabber A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. | 4.3 |
| 2021-03-24 | CVE-2021-1418 | Unspecified vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 6.5 |
| 2021-03-24 | CVE-2021-1417 | Unspecified vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 6.5 |
| 2021-03-24 | CVE-2021-1411 | Unspecified vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 9.9 |
| 2021-03-24 | CVE-2021-1471 | Improper Certificate Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 5.6 |
| 2021-03-24 | CVE-2021-1469 | Improper Input Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 7.2 |
| 2021-01-07 | CVE-2020-26085 | OS Command Injection vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
| 2019-07-04 | CVE-2019-1855 | Uncontrolled Search Path Element vulnerability in Cisco Jabber A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. | 7.3 |
| 2018-02-22 | CVE-2018-0201 | Cross-site Scripting vulnerability in Cisco Jabber 11.9/11.9(.0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. | 5.4 |
| 2018-02-22 | CVE-2018-0199 | Cross-site Scripting vulnerability in Cisco Jabber 11.9/11.9(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. | 6.1 |