Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2021-1471

Published

3 years ago

Last Modified

5 months ago

CVSSv2.0 Severity

Medium

CVSSv3.1 Severity

Medium

Impact Analysis

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory..

CVSSv2.0 Score

Severity: Medium
Base Score: 6.8/10
Exploit Score: 8.6/10
Access Vector: Network
Access Complexity: Medium
Authentication Required: None
Impact Score: 6.4/10
Confidentiality Impact: Partial
Availability Impact: Partial
Integrity Impact: Partial

CVSSv3.1 Score

Severity: Medium
Base Score: 5.6/10
Exploit Score: 2.2/10
Access Vector: Network
Access Complexity: High
Privileges Required: None
Impact Score: 3.4/10
Confidentiality Impact: Low
Availability Impact: Low
Integrity Impact: Low
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:cisco:jabber::::::windows::*	Yes	12.5.0	12.5.4
cpe:2.3:a:cisco:jabber::::::windows::*	Yes	12.6.0	12.6.5
cpe:2.3:a:cisco:jabber::::::windows::*	Yes	12.7.0	12.7.4
cpe:2.3:a:cisco:jabber::::::windows::*	Yes	12.8.0	12.8.5
cpe:2.3:a:cisco:jabber::::::windows::*	Yes	12.9.0	12.9.5
cpe:2.3:a:cisco:jabber::::::android::*	Yes	-	-
cpe:2.3:a:cisco:jabber::::::iphone_os::*	Yes	-	-
cpe:2.3:a:cisco:jabber::::::macos::*	Yes	12.9.0	12.9.6
cpe:2.3:a:cisco:jabber::::::windows::*	Yes	-	12.1.5
cpe:2.3:a:cisco:jabber::::::macos::*	Yes	-	12.8.7

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-jab