Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
将资源暴露给错误范围
Vulnerability Title
Cisco Jabber 安全漏洞
Vulnerability Description
Cisco Jabber是美国思科(Cisco)公司的一套统一通信客户端解决方案。该方案提供了在线状态显示、即时消息、语音等功能。 Cisco Jabber Client Software 存在安全漏洞,该漏洞源于可扩展消息传递和存在协议 (XMPP) 消息处理功能中的漏洞可能允许经过身份验证的远程攻击者操纵受影响应用程序使用的 XMPP 消息的内容。
CVSS Information
N/A
Vulnerability Type
N/A