Lucene search

[email protected]CVE-2020-27133

HistoryDec 11, 2020 - 5:15 p.m.

CVE-2020-27133

2020-12-1117:15:13

CWE-269

CWE-201

[email protected]

web.nvd.nist.gov

cisco

jabber

windows

macos

mobile platforms

arbitrary program execution

sensitive information access

cve-2020-27133

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

NVD

Node

ciscojabberMatch12.9\(0\)macos

ciscojabberMatch12.9\(0\)windows

ciscojabberMatch12.9\(1\)macos

ciscojabberMatch12.9\(1\)windows

ciscojabberMatch12.9\(2\)macos

ciscojabberMatch12.9\(2\)windows

ciscojabberMatch12.9\(3\)macos

ciscojabberMatch12.9\(3\)windows

ciscojabber_for_mobile_platformsMatch12.9\(0\)

ciscojabber_for_mobile_platformsMatch12.9\(1\)

ciscojabber_for_mobile_platformsMatch12.9\(2\)

ciscojabber_for_mobile_platformsMatch12.9\(3\)

CPENameOperatorVersion
cisco:jabbercisco jabbereq12.9\(0\)
cisco:jabbercisco jabbereq12.9\(1\)
cisco:jabbercisco jabbereq12.9\(2\)
cisco:jabbercisco jabbereq12.9\(3\)
cisco:jabber_for_mobile_platformscisco jabber for mobile platformseq12.9\(0\)
cisco:jabber_for_mobile_platformscisco jabber for mobile platformseq12.9\(1\)
cisco:jabber_for_mobile_platformscisco jabber for mobile platformseq12.9\(2\)
cisco:jabber_for_mobile_platformscisco jabber for mobile platformseq12.9\(3\)

CPE	Name	Operator	Version
cisco:jabber	cisco jabber	eq	12.9\(0\)
cisco:jabber	cisco jabber	eq	12.9\(1\)
cisco:jabber	cisco jabber	eq	12.9\(2\)
cisco:jabber	cisco jabber	eq	12.9\(3\)
cisco:jabber_for_mobile_platforms	cisco jabber for mobile platforms	eq	12.9\(0\)
cisco:jabber_for_mobile_platforms	cisco jabber for mobile platforms	eq	12.9\(1\)
cisco:jabber_for_mobile_platforms	cisco jabber for mobile platforms	eq	12.9\(2\)
cisco:jabber_for_mobile_platforms	cisco jabber for mobile platforms	eq	12.9\(3\)

CNA Affected

[
  {
    "product": "Cisco Jabber ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]