Multiple vulnerabilities in Cisco Jabber

Описание

Multiple vulnerabilities were found in Cisco Jabber. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A command injection vulnerability in Cisco Jabber can be exploited remotely to execute arbitrary code.
2. An unauthorized access vulnerability in Cisco Jabber can be exploited remotely to obtain sensitive information and bypass security restrictions.
3. An information disclosure vulnerability in Cisco Jabber can be exploited remotely via special crafted message to obtain sensitive information.
4. A program execution vulnerability in Cisco Jabber can be exploited remotely via special crafted XMPP message to execute arbitrary code.
5. A script injection vulnerability in Cisco Jabber can be exploited remotely via special crafted XMPP message to execute arbitrary code.

Первичный источник обнаружения

• Cisco Jabber Desktop and Mobile Client Software Vulnerabilities
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Cisco-Jabber

Список CVE

• CVE-2020-27133
  critical
• CVE-2020-27127
  critical
• CVE-2020-27132
  critical
• CVE-2020-26085
  critical
• CVE-2020-27134
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com