Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Jabber for Windows Protocol Handler Command Injection Vulnerability
Vulnerability Description
A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper handling of input to the application protocol handlers. An attacker could exploit this vulnerability by convincing a user to click a link within a message sent by email or other messaging platform. A successful exploit could allow the attacker to execute arbitrary commands on a targeted system with the privileges of the user account that is running the Cisco Jabber client software.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Cisco?Jabber 操作系统命令注入漏洞
Vulnerability Description
Cisco Jabber for Windows和Cisco Jabber都是美国思科(Cisco)公司的产品。Cisco Jabber for Windows是一套用于Windows平台的统一通信客户端解决方案。该方案提供了在线状态显示、即时消息、语音等功能。Cisco Jabber是一套统一通信客户端解决方案。该方案提供了在线状态显示、即时消息、语音等功能。 基于windows平台Cisco Jabber存在安全漏洞,攻击者可以通过发送包含恶意内容的邮件或其他消息传递平台发送的消息中的链接来触发此漏洞
CVSS Information
N/A
Vulnerability Type
N/A