CVE-2021-1411

CWE-170CWE-201CWE-399CWE-874 documents4 sources
Severity
9.9CRITICAL
EPSS
0.5%
top 35.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco JabberCisco Cisco Jabber
Timeline
PublishedMar 24
Latest updateMay 24

Description

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 3.1 | Impact: 6.0

Affected Packages2 packages

NVDcisco/jabber12.5.012.5.4+5
CVEListV5cisco/cisco_jabbern/a

🔴Vulnerability Details

2
GHSA
GHSA-v5pv-x346-w82j: Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute2022-05-24
CVEList
Cisco Jabber Desktop and Mobile Client Software Vulnerabilities2021-03-24

📋Vendor Advisories

1
Cisco
Cisco Jabber Desktop and Mobile Client Software Vulnerabilities2021-03-24
CVE-2021-1411 (CRITICAL CVSS 9.9) | Multiple vulnerabilities in Cisco J | cvebase.io