Vulnerabilities > Cisco > Jabber > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-15 CVE-2022-20917 Unspecified vulnerability in Cisco Jabber
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software.
network
low complexity
cisco
4.3
2021-06-16 CVE-2021-1569 Improper Input Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
6.5
2021-06-16 CVE-2021-1570 Improper Input Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
6.5
2021-03-24 CVE-2021-1418 Unspecified vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco
6.5
2021-03-24 CVE-2021-1417 Unspecified vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco
6.5
2021-03-24 CVE-2021-1471 Improper Certificate Validation vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
high complexity
cisco CWE-295
5.6
2020-09-04 CVE-2020-3537 Information Exposure vulnerability in Cisco Jabber
A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information.
network
low complexity
cisco CWE-200
5.7
2020-09-04 CVE-2020-3498 Improper Input Validation vulnerability in Cisco Jabber
A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information.
network
low complexity
cisco CWE-20
6.5
2019-01-10 CVE-2018-0483 Cross-site Scripting vulnerability in Cisco Jabber 10.0(0)
A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system.
network
low complexity
cisco CWE-79
5.4
2019-01-10 CVE-2018-0449 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Jabber 12.1(0)
A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges.
local
low complexity
cisco CWE-732
4.2