VAR-201512-0385
Vulnerability from variot - Updated: 2023-12-18 12:20Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. Cisco Jabber for Windows is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack and allow the client to establish a cleartext XMPP connection. This may lead to other attacks. This issue is being tracked by Cisco Bug ID's CSCux74848 CSCux74895 CSCux74900 CSCux80122 and CSCux88529. The program provides online status display, instant messaging, voice and other functions. The following releases are affected: Cisco Jabber for Windows Release 10.6.x, Release 11.0.x, Release 11.1.x
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0385",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "10.6\\(2\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.6.x"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0.x"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.1.x"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:jabber:10.6\\(2\\):*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Renaud Dubourguais and S\u00e9bastien Dudek from Synacktiv",
"sources": [
{
"db": "BID",
"id": "79678"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6409",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84370",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6409",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-597",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84370",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6409",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. Cisco Jabber for Windows is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack and allow the client to establish a cleartext XMPP connection. This may lead to other attacks. \nThis issue is being tracked by Cisco Bug ID\u0027s CSCux74848 CSCux74895 CSCux74900 CSCux80122 and CSCux88529. The program provides online status display, instant messaging, voice and other functions. The following releases are affected: Cisco Jabber for Windows Release 10.6.x, Release 11.0.x, Release 11.1.x",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6409",
"trust": 2.9
},
{
"db": "BID",
"id": "79678",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1034540",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-84370",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6409",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"id": "VAR-201512-0385",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:20:40.379000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151224-jab",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151224-jab"
},
{
"title": "Cisco Jabber for Windows Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59349"
},
{
"title": "Cisco: Cisco Jabber STARTTLS Downgrade Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151224-jab"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151224-jab"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/79678"
},
{
"trust": 1.2,
"url": "http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1034540"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6409"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.synacktiv.fr/ressources/cisco_jabber_starttls_downgrade.pdf"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-26T00:00:00",
"db": "VULHUB",
"id": "VHN-84370"
},
{
"date": "2015-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"date": "2015-12-24T00:00:00",
"db": "BID",
"id": "79678"
},
{
"date": "2016-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"date": "2015-12-26T22:59:00.100000",
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"date": "2015-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84370"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"date": "2016-07-05T21:22:00",
"db": "BID",
"id": "79678"
},
{
"date": "2016-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"date": "2016-12-07T18:20:06.537000",
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"date": "2015-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Run on Cisco Jabber In STARTTLS Vulnerabilities that are subject to downgrade attacks",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…