Vulnerabilities > Cisco > Jabber > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-15 | CVE-2022-20917 | Unspecified vulnerability in Cisco Jabber A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. | 4.3 |
| 2021-06-16 | CVE-2021-1569 | Improper Input Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. | 6.5 |
| 2021-06-16 | CVE-2021-1570 | Improper Input Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. | 6.5 |
| 2021-03-24 | CVE-2021-1418 | Improper Null Termination vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 6.5 |
| 2021-03-24 | CVE-2021-1417 | Unspecified vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 6.5 |
| 2021-03-24 | CVE-2021-1471 | Improper Certificate Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 5.6 |
| 2020-09-04 | CVE-2020-3537 | Information Exposure vulnerability in Cisco Jabber A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information. | 5.7 |
| 2020-09-04 | CVE-2020-3498 | Improper Input Validation vulnerability in Cisco Jabber A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. | 6.5 |
| 2019-01-10 | CVE-2018-0483 | Cross-site Scripting vulnerability in Cisco Jabber 10.0(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 5.4 |
| 2019-01-10 | CVE-2018-0449 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Jabber 12.1(0) A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. | 4.2 |