Sign-up

ID

VAR-201512-0385


CVE

CVE-2015-6409


TITLE

Windows Run on Cisco Jabber In STARTTLS Vulnerabilities that are subject to downgrade attacks

Trust: 0.8

sources: JVNDB: JVNDB-2015-006528

DESCRIPTION

Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. Cisco Jabber for Windows is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack and allow the client to establish a cleartext XMPP connection. This may lead to other attacks. This issue is being tracked by Cisco Bug ID's CSCux74848 CSCux74895 CSCux74900 CSCux80122 and CSCux88529. The program provides online status display, instant messaging, voice and other functions. The following releases are affected: Cisco Jabber for Windows Release 10.6.x, Release 11.0.x, Release 11.1.x

Trust: 2.07

sources: NVD: CVE-2015-6409 // JVNDB: JVNDB-2015-006528 // BID: 79678 // VULHUB: VHN-84370 // VULMON: CVE-2015-6409

AFFECTED PRODUCTS

vendor:ciscomodel:jabberscope:eqversion:10.6\(2\)

Trust: 1.6

vendor:ciscomodel:jabberscope:eqversion:10.6.x

Trust: 0.8

vendor:ciscomodel:jabberscope:eqversion:11.0.x

Trust: 0.8

vendor:ciscomodel:jabberscope:eqversion:11.1.x

Trust: 0.8

sources: JVNDB: JVNDB-2015-006528 // CNNVD: CNNVD-201512-597 // NVD: CVE-2015-6409

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6409
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-6409
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201512-597
value: MEDIUM

Trust: 0.6

VULHUB: VHN-84370
value: MEDIUM

Trust: 0.1

VULMON: CVE-2015-6409
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-6409
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-84370
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-6409
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-84370 // VULMON: CVE-2015-6409 // JVNDB: JVNDB-2015-006528 // CNNVD: CNNVD-201512-597 // NVD: CVE-2015-6409

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-84370 // JVNDB: JVNDB-2015-006528 // NVD: CVE-2015-6409

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-597

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201512-597

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006528

PATCH
title:cisco-sa-20151224-jaburl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab
Trust: 0.8
title:Cisco Jabber for Windows Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59349
Trust: 0.6
title:Cisco: Cisco Jabber STARTTLS Downgrade Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20151224-jab
Trust: 0.1
sources:
            
            
            VULMON: CVE-2015-6409 // 
            
            
            
            JVNDB: JVNDB-2015-006528 // 
            
            
            
            CNNVD: CNNVD-201512-597

EXTERNAL IDS
db:NVDid:CVE-2015-6409
Trust: 2.9
db:BIDid:79678
Trust: 1.5
db:SECTRACKid:1034540
Trust: 1.2
db:JVNDBid:JVNDB-2015-006528
Trust: 0.8
db:CNNVDid:CNNVD-201512-597
Trust: 0.7
db:VULHUBid:VHN-84370
Trust: 0.1
db:VULMONid:CVE-2015-6409
Trust: 0.1
sources:
            
            
            VULHUB: VHN-84370 // 
            
            
            
            VULMON: CVE-2015-6409 // 
            
            
            
            BID: 79678 // 
            
            
            
            JVNDB: JVNDB-2015-006528 // 
            
            
            
            CNNVD: CNNVD-201512-597 // 
            
            
            
            NVD: CVE-2015-6409

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151224-jab
Trust: 2.2
url:http://www.securityfocus.com/bid/79678
Trust: 1.3
url:http://www.synacktiv.com/ressources/cisco_jabber_starttls_downgrade.pdf
Trust: 1.2
url:http://www.securitytracker.com/id/1034540
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6409
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6409
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:http://www.synacktiv.fr/ressources/cisco_jabber_starttls_downgrade.pdf
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-84370 // 
            
            
            
            VULMON: CVE-2015-6409 // 
            
            
            
            BID: 79678 // 
            
            
            
            JVNDB: JVNDB-2015-006528 // 
            
            
            
            CNNVD: CNNVD-201512-597 // 
            
            
            
            NVD: CVE-2015-6409

CREDITS
Renaud Dubourguais and Sébastien Dudek from Synacktiv
Trust: 0.3
sources:
            
            
            BID: 79678

SOURCES
db:VULHUBid:VHN-84370
db:VULMONid:CVE-2015-6409
db:BIDid:79678
db:JVNDBid:JVNDB-2015-006528
db:CNNVDid:CNNVD-201512-597
db:NVDid:CVE-2015-6409

LAST UPDATE DATE
2024-11-23T22:56:23.441000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-84370date:2016-12-07T00:00:00
db:VULMONid:CVE-2015-6409date:2016-12-07T00:00:00
db:BIDid:79678date:2016-07-05T21:22:00
db:JVNDBid:JVNDB-2015-006528date:2016-01-04T00:00:00
db:CNNVDid:CNNVD-201512-597date:2015-12-28T00:00:00
db:NVDid:CVE-2015-6409date:2024-11-21T02:34:56.727

SOURCES RELEASE DATE
db:VULHUBid:VHN-84370date:2015-12-26T00:00:00
db:VULMONid:CVE-2015-6409date:2015-12-26T00:00:00
db:BIDid:79678date:2015-12-24T00:00:00
db:JVNDBid:JVNDB-2015-006528date:2016-01-04T00:00:00
db:CNNVDid:CNNVD-201512-597date:2015-12-28T00:00:00
db:NVDid:CVE-2015-6409date:2015-12-26T22:59:00.100