cnvd - cnvd-2017-36124

cnvd-2017-36124

Vulnerability from cnvd

Title: Cisco Jabber for Windows信息泄露漏洞（CNVD-2017-36124）

Description:

Cisco Jabber for Windows是美国思科（Cisco）公司的一套用于Windows平台的统一通信客户端解决方案。该方案提供了在线状态显示、即时消息、语音等功能。

基于Windows平台的Cisco Jabber中存在信息泄露漏洞，该漏洞源于程序如何处理随机数的产生。本地攻击者可通过固定用于建立客户端之间的Secure Sockets Layer (SSL)连接的随机数数据利用该漏洞访问Jabber客户端产生的敏感通信。

Severity: 低

Patch Name: Cisco Jabber for Windows信息泄露漏洞（CNVD-2017-36124）的补丁

Patch Description:

Cisco Jabber for Windows是美国思科（Cisco）公司的一套用于Windows平台的统一通信客户端解决方案。该方案提供了在线状态显示、即时消息、语音等功能。

基于Windows平台的Cisco Jabber中存在信息泄露漏洞，该漏洞源于程序如何处理随机数的产生。本地攻击者可通过固定用于建立客户端之间的Secure Sockets Layer (SSL)连接的随机数数据利用该漏洞访问Jabber客户端产生的敏感通信。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2

Impacted products

Name
Cisco Jabber for Windows

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "101994"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-12361"
    }
  },
  "description": "Cisco Jabber for Windows\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8eWindows\u5e73\u53f0\u7684\u7edf\u4e00\u901a\u4fe1\u5ba2\u6237\u7aef\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u63d0\u4f9b\u4e86\u5728\u7ebf\u72b6\u6001\u663e\u793a\u3001\u5373\u65f6\u6d88\u606f\u3001\u8bed\u97f3\u7b49\u529f\u80fd\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Cisco Jabber\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5982\u4f55\u5904\u7406\u968f\u673a\u6570\u7684\u4ea7\u751f\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u56fa\u5b9a\u7528\u4e8e\u5efa\u7acb\u5ba2\u6237\u7aef\u4e4b\u95f4\u7684Secure Sockets Layer (SSL)\u8fde\u63a5\u7684\u968f\u673a\u6570\u6570\u636e\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95eeJabber\u5ba2\u6237\u7aef\u4ea7\u751f\u7684\u654f\u611f\u901a\u4fe1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-36124",
  "openTime": "2017-12-05",
  "patchDescription": "Cisco Jabber for Windows\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8eWindows\u5e73\u53f0\u7684\u7edf\u4e00\u901a\u4fe1\u5ba2\u6237\u7aef\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u63d0\u4f9b\u4e86\u5728\u7ebf\u72b6\u6001\u663e\u793a\u3001\u5373\u65f6\u6d88\u606f\u3001\u8bed\u97f3\u7b49\u529f\u80fd\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Cisco Jabber\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5982\u4f55\u5904\u7406\u968f\u673a\u6570\u7684\u4ea7\u751f\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u56fa\u5b9a\u7528\u4e8e\u5efa\u7acb\u5ba2\u6237\u7aef\u4e4b\u95f4\u7684Secure Sockets Layer (SSL)\u8fde\u63a5\u7684\u968f\u673a\u6570\u6570\u636e\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95eeJabber\u5ba2\u6237\u7aef\u4ea7\u751f\u7684\u654f\u611f\u901a\u4fe1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Jabber for Windows\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-36124\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Jabber for Windows"
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2",
  "serverity": "\u4f4e",
  "submitTime": "2017-12-04",
  "title": "Cisco Jabber for Windows\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-36124\uff09"
}

CVE-2017-12361 (GCVE-0-2017-12361)

Vulnerability from cvelistv5

Published

2017-11-30 09:00

Modified

2024-08-05 18:36

Severity ?

CWE

CWE-200

Summary

A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/101994	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1039915	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco Jabber	Version: Cisco Jabber

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "101994",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101994"
          },
          {
            "name": "1039915",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Jabber",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Jabber"
            }
          ]
        }
      ],
      "datePublic": "2017-11-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-01T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "101994",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101994"
        },
        {
          "name": "1039915",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12361",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Jabber",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Jabber"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "101994",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101994"
            },
            {
              "name": "1039915",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039915"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12361",
    "datePublished": "2017-11-30T09:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted