Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco jabber guest vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2017-6762
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected...
Cisco Jabber Guest 10.6.9Cisco Jabber Guest 10.6.10Cisco Jabber Guest 10.6.11Cisco Jabber Guest 10.6.12Cisco Jabber Guest 11.0.0
6.4
CVSSv2
CVE-2016-9224
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.6(9). Known Fixed Releases: 11.0(0)....
Cisco Jabber Guest 10.0.0Cisco Jabber Guest 10.0.2Cisco Jabber Guest 10.5.0Cisco Jabber Guest 10.6.8Cisco Jabber Guest 10.6.9
4.3
CVSSv2
CVE-2014-8025
The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST response, aka Bug ID CSCus19801....
Cisco Jabber Guest
4.3
CVSSv2
CVE-2014-8026
Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074....
Cisco Jabber Guest
4.3
CVSSv2
CVE-2016-1311
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224....
Cisco Jabber Guest 10.6.8
4.3
CVSSv2
CVE-2014-8024
The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST request, aka Bug ID CSCus19789....
Cisco Jabber Guest
4.3
CVSSv2
CVE-2020-3136
A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because...
Cisco Jabber Guest
5
CVSSv2
CVE-2016-1316
Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362....
Cisco Telepresence Video Communication Server Software X8.1.1Cisco Telepresence Video Communication Server Software X8.1.2Cisco Telepresence Video Communication Server Software X8.1 BaseCisco Telepresence Video Communication Server Software X8.2.1Cisco Telepresence Video Communication Server Software X8.2.2Cisco Telepresence Video Communication Server Software X8.2 BaseCisco Telepresence Video Communication Server Software X8.5.0Cisco Telepresence Video Communication Server Software X8.5.1Cisco Telepresence Video Communication Server Software X8.5.2Cisco Telepresence Video Communication Server Software X8.5.3Cisco Telepresence Video Communication Server Software X8.6.0Cisco Telepresence Video Communication Server Software X8.6.1Cisco Telepresence Video Communication Server Software X8.7 Base
4.3
CVSSv2
CVE-2015-6409
Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419....
Cisco Jabber 10.6\\(2\\)
5
CVSSv2
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message....
Openssl Openssl 1.0.2Openssl Openssl 1.0.2aOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.2d
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855