Beschreibung
Multiple vulnerabilities were found in Cisco Jabber. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.
Below is a complete list of vulnerabilities:
- OSI vulnerability in Cisco Jabber can be exploited remotely via special crafted message to obtain sensitive information.
- An code execution vulnerability in Cisco Jabber can be exploited remotely via special crafted XMPP to execute arbitrary code.
- A command injection vulnerability in the application protocol handling features can be exploited remotely to execute arbitrary code.
Ursprüngliche Informationshinweise
Cisco Jabber for Windows Universal Naming Convention Link Handling Vulnerability
- Cisco Jabber for Windows Message Handling Arbitrary Code Execution Vulnerability
- Cisco Jabber for Windows Protocol Handler Command Injection Vulnerability
- Cisco Jabber for Windows Information Disclosure Vulnerability
Ausnutzung
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Betroffene Produkte
CVE Liste
- CVE-2020-3537 high
- CVE-2020-3495 critical
- CVE-2020-3498 high
- CVE-2020-3430 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!