CVE-2018-0449

Name of the Vulnerable Software and Affected Versions Cisco Jabber Client Framework (affected versions not specified)

Description The issue is related to insecure directory permissions set on a directory created by the Cisco Jabber Client Framework, allowing an authenticated, local attacker to corrupt arbitrary files on an affected device with elevated privileges. An attacker could create a hard link to an arbitrary location on the system, potentially allowing files to be created in any location on the disk or an arbitrary file to be corrupted when it is appended to or overwritten. The vulnerability exists due to improper handling of permissions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.