Cisco Bug: CSCuq92694 - Jabber-config.xml file password clear-text vulnerability
Last Modified
Dec 11, 2017
Products (1)
- Cisco Jabber for Windows
Known Affected Releases
9.0(1) 9.0(2) 9.0(3) 9.0(4) 9.0(5) 9.0(6) 9.1(0) 9.1(1) 9.1(2) 9.1(3) 9.1(4) 9.1(5) 9.2(0) 9.2(1) 9.2(2) 9.2(3) 9.2(4) 9.2(5) 9.2(6) 9.2(7) 9.3(0) 9.6(0) 9.6(1) 9.6(2) 9.6(3) 9.7(0) 9.7(1) 9.7(2) 9.7(3) 9.7(4) 9.7(5)
Description (partial)
Symptom: A vulnerability in the jabber-config.xml file of the Cisco Jabber client could allow an unauthenticated, remote attacker to have ''read'' access to part of the information stored in the affected system. The vulnerability is due to improper sanitization of system files. Conditions: Devices running an affected version of the Cisco Jabber client software.
Related Community Discussions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases