CVE-2017-12284

Name of the Vulnerable Software and Affected Versions Cisco Jabber for Windows Client (affected versions not specified)

Description A vulnerability in the web interface could allow an authenticated, local attacker to retrieve user profile information, potentially disclosing confidential information. This issue is due to inadequate input and validation checking mechanisms. An attacker could exploit this by issuing specific commands after authentication, allowing them to view profile information that should be restricted.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.