Check: 2016-B-0009
windows 7 iavm:
2016-B-0009
(in version v1 r32)
Title
Cisco Jabber Security Bypass Vulnerability (Cat I impact)
Discussion
Cisco has released a security advisory to address a vulnerability in Cisco Jabber. Cisco Jabber provides instant messaging (IM), voice, video, voice messaging, desktop sharing, and conferencing on any device. To exploit this vulnerability, an attacker would perform a man-in-the-middle attack to tamper with the XMPP connection and avoid the TLS negotiation. If sucessfully exploited, an unauthenticated, remote attacker could bypass security restrictions and perform unauthorized actions.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-65043
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |