Vulnerabilities > Cisco > Jabber > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2021-1469 | Improper Input Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 7.2 |
| 2020-09-04 | CVE-2020-3495 | Improper Input Validation vulnerability in Cisco Jabber A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code. | 8.8 |
| 2020-09-04 | CVE-2020-3430 | OS Command Injection vulnerability in Cisco Jabber A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. | 8.8 |
| 2020-03-04 | CVE-2020-3155 | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section. | 7.4 |
| 2019-09-05 | CVE-2019-12645 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Jabber 12.5(0) A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. | 7.8 |
| 2019-07-04 | CVE-2019-1855 | Uncontrolled Search Path Element vulnerability in Cisco Jabber A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. | 7.3 |