Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checks in the affected software. An attacker could exploit this vulnerability by authenticating locally to an affected system and then issuing specific commands to the affected software. A successful exploit could allow the attacker to view all profile information for a user instead of only certain Jabber parameters that should be visible. This vulnerability affects all releases of Cisco Jabber prior to Release 1.9.31. Cisco Bug IDs: CSCve52418.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Jabber 信息泄露漏洞
Vulnerability Description
Cisco Jabber是美国思科(Cisco)公司的一套跨设备协作系统。该系统提供语音、视频、桌面共享和会议等功能。 Cisco Jabber中的Web界面存在信息泄露漏洞,该漏洞源于程序缺少输入和验证检测。本地攻击者可通过向受影响系统进行身份验证后,然后发送命令利用该漏洞检索用户配置文件信息。
CVSS Information
N/A
Vulnerability Type
N/A