Home    |    View Topics    |    Search    |    Contact Us    |

SecurityTracker Archives

Category:   Application (Instant Messaging/IRC/Chat)  >   Cisco Jabber for Windows Vendors:   Cisco Cisco Jabber for Windows Random Number Management Flaw Lets Local Users Obtain Potentially Sensitive Information on the Target System SecurityTracker Alert ID:  1039915 SecurityTracker URL:  http://securitytracker.com/id/1039915 CVE Reference:   CVE-2017-12361   (Links to External Site) Date:  Nov 30 2017 Impact:   Disclosure of system information, Disclosure of user information Fix Available:  Yes  Vendor Confirmed:  Yes   Description:   A vulnerability was reported in Cisco Jabber for Windows. A local user can obtain potentially sensitive information. A local user can modify the random number data used to establish SSL connections between clients to decrypt secure communications made by the Cisco Jabber for Windows client. The vendor has assigned bug ID CSCve44806 to this vulnerability. Impact:   A local user can decrypt secure communications made by the target client. Solution:   The vendor has issued a fix. The vendor advisory is available at: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2 Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2 (Links to External Site) Cause:   Access control error Underlying OS:  Windows (Any) Message History:   None.  Source Message Contents Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2 Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2021, SecurityGlobal.net LLC