Popis
Multiple vulnerabilities were found in Cisco Jabber. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.
Below is a complete list of vulnerabilities:
- OSI vulnerability in Cisco Jabber can be exploited remotely via special crafted message to obtain sensitive information.
- An code execution vulnerability in Cisco Jabber can be exploited remotely via special crafted XMPP to execute arbitrary code.
- A command injection vulnerability in the application protocol handling features can be exploited remotely to execute arbitrary code.
Oficiální doporučení
Cisco Jabber for Windows Universal Naming Convention Link Handling Vulnerability
- Cisco Jabber for Windows Message Handling Arbitrary Code Execution Vulnerability
- Cisco Jabber for Windows Protocol Handler Command Injection Vulnerability
- Cisco Jabber for Windows Information Disclosure Vulnerability
Vykořisťování
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Související produkty
seznam CVE
- CVE-2020-3537 high
- CVE-2020-3495 critical
- CVE-2020-3498 high
- CVE-2020-3430 critical
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!