var-201512-0385
Vulnerability from variot
Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. Cisco Jabber for Windows is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack and allow the client to establish a cleartext XMPP connection. This may lead to other attacks. This issue is being tracked by Cisco Bug ID's CSCux74848 CSCux74895 CSCux74900 CSCux80122 and CSCux88529. The program provides online status display, instant messaging, voice and other functions. The following releases are affected: Cisco Jabber for Windows Release 10.6.x, Release 11.0.x, Release 11.1.x
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0385",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "10.6\\(2\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.6.x"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0.x"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.1.x"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:jabber",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Renaud Dubourguais and S\u00e9bastien Dudek from Synacktiv",
"sources": [
{
"db": "BID",
"id": "79678"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6409",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84370",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-6409",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6409",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6409",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-597",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84370",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6409",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. Cisco Jabber for Windows is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack and allow the client to establish a cleartext XMPP connection. This may lead to other attacks. \nThis issue is being tracked by Cisco Bug ID\u0027s CSCux74848 CSCux74895 CSCux74900 CSCux80122 and CSCux88529. The program provides online status display, instant messaging, voice and other functions. The following releases are affected: Cisco Jabber for Windows Release 10.6.x, Release 11.0.x, Release 11.1.x",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6409",
"trust": 2.9
},
{
"db": "BID",
"id": "79678",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1034540",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-84370",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6409",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"id": "VAR-201512-0385",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:56:23.441000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151224-jab",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab"
},
{
"title": "Cisco Jabber for Windows Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59349"
},
{
"title": "Cisco: Cisco Jabber STARTTLS Downgrade Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151224-jab"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151224-jab"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/79678"
},
{
"trust": 1.2,
"url": "http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1034540"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6409"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.synacktiv.fr/ressources/cisco_jabber_starttls_downgrade.pdf"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84370"
},
{
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"db": "BID",
"id": "79678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-26T00:00:00",
"db": "VULHUB",
"id": "VHN-84370"
},
{
"date": "2015-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"date": "2015-12-24T00:00:00",
"db": "BID",
"id": "79678"
},
{
"date": "2016-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"date": "2015-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"date": "2015-12-26T22:59:00.100000",
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84370"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6409"
},
{
"date": "2016-07-05T21:22:00",
"db": "BID",
"id": "79678"
},
{
"date": "2016-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006528"
},
{
"date": "2015-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-597"
},
{
"date": "2024-11-21T02:34:56.727000",
"db": "NVD",
"id": "CVE-2015-6409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Run on Cisco Jabber In STARTTLS Vulnerabilities that are subject to downgrade attacks",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006528"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-597"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…