PT-2020-16638 · Cisco · Cisco Jabber For Windows+2
Olav Sortland Thoresen
·
Published
2020-12-11
·
Updated
2020-12-12
·
CVE-2020-27132
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco Jabber for Windows (affected versions not specified)
Cisco Jabber for MacOS (affected versions not specified)
Cisco Jabber for mobile platforms (affected versions not specified)
Description
Multiple vulnerabilities in Cisco Jabber could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges or gain access to sensitive information.
Recommendations
For Cisco Jabber for Windows, update to a version that addresses these vulnerabilities.
For Cisco Jabber for MacOS, update to a version that addresses these vulnerabilities.
For Cisco Jabber for mobile platforms, update to a version that addresses these vulnerabilities.
As a temporary workaround, consider restricting access to sensitive information and limiting privileges to minimize the risk of exploitation.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Jabber For Macos
Cisco Jabber For Windows
Cisco Jabber For Mobile Platforms