Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Jabber for Windows 安全漏洞
Vulnerability Description
Cisco Jabber for Windows是美国思科(Cisco)公司的一套用于Windows平台的统一通信客户端解决方案。该方案提供了在线状态显示、即时消息、语音等功能。 Cisco Jabber for Windows中存在安全漏洞,该漏洞源于客户端没有验证Extensible Messaging and Presence Protocol(XMPP)连接是否使用TLS协议。远程攻击者可利用该漏洞实施中间人攻击和STARTTLS降级攻击,篡改XMPP会话。以下版本受到影响:Cisco Jabbe
CVSS Information
N/A
Vulnerability Type
N/A