Sign-up

ID

VAR-202103-0535


CVE

CVE-2021-1411


TITLE

plural  Cisco Jabber  Inappropriate in the product  NULL  Vulnerability regarding termination by

Trust: 0.8

sources: JVNDB: JVNDB-2021-006416

DESCRIPTION

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. The program provides online status display, instant messaging, voice and other functions

Trust: 1.8

sources: NVD: CVE-2021-1411 // JVNDB: JVNDB-2021-006416 // VULHUB: VHN-374465 // VULMON: CVE-2021-1411

AFFECTED PRODUCTS

vendor:ciscomodel:jabberscope:gteversion:12.7.0

Trust: 1.0

vendor:ciscomodel:jabberscope:gteversion:12.9.0

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.1.5

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.7.4

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.8.5

Trust: 1.0

vendor:ciscomodel:jabberscope:gteversion:12.8.0

Trust: 1.0

vendor:ciscomodel:jabberscope:gteversion:12.6.0

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.5.4

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.6.5

Trust: 1.0

vendor:ciscomodel:jabberscope:gteversion:12.5.0

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.9.5

Trust: 1.0

vendor:シスコシステムズmodel:cisco jabberscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco jabberscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-006416 // NVD: CVE-2021-1411

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1411
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1411
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-1411
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202103-1430
value: CRITICAL

Trust: 0.6

VULHUB: VHN-374465
value: HIGH

Trust: 0.1

VULMON: CVE-2021-1411
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-1411
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374465
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1411
baseSeverity: CRITICAL
baseScore: 9.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.1
impactScore: 6.0
version: 3.1

Trust: 2.0

NVD: CVE-2021-1411
baseSeverity: CRITICAL
baseScore: 9.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374465 // VULMON: CVE-2021-1411 // JVNDB: JVNDB-2021-006416 // CNNVD: CNNVD-202103-1430 // NVD: CVE-2021-1411 // NVD: CVE-2021-1411

PROBLEMTYPE DATA

problemtype:CWE-170

Trust: 1.1

problemtype:Inappropriate NULL End by (CWE-170) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-374465 // JVNDB: JVNDB-2021-006416 // NVD: CVE-2021-1411

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-1430

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-1430

PATCH

title:cisco-sa-cisco-jabber-PWrTATTCurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-jabber-PWrTATTC

Trust: 0.8

title:Cisco Jabber for Windows Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145075

Trust: 0.6

title:Cisco: Cisco Jabber Desktop and Mobile Client Software Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-cisco-jabber-PWrTATTC

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/cisco-addresses-critical-bug-in-windows-macos-jabber-clients/

Trust: 0.1

title: - url:https://www.theregister.co.uk/2021/03/29/in_brief_security/

Trust: 0.1

sources: VULMON: CVE-2021-1411 // JVNDB: JVNDB-2021-006416 // CNNVD: CNNVD-202103-1430

EXTERNAL IDS

db:NVDid:CVE-2021-1411

Trust: 3.4

db:JVNDBid:JVNDB-2021-006416

Trust: 0.8

db:CNNVDid:CNNVD-202103-1430

Trust: 0.7

db:AUSCERTid:ESB-2021.1010

Trust: 0.6

db:CNVDid:CNVD-2021-24466

Trust: 0.1

db:VULHUBid:VHN-374465

Trust: 0.1

db:VULMONid:CVE-2021-1411

Trust: 0.1

sources: VULHUB: VHN-374465 // VULMON: CVE-2021-1411 // JVNDB: JVNDB-2021-006416 // CNNVD: CNNVD-202103-1430 // NVD: CVE-2021-1411

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cisco-jabber-pwrtattc

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-1411

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2021.1010

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/170.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198669

Trust: 0.1

sources: VULHUB: VHN-374465 // VULMON: CVE-2021-1411 // JVNDB: JVNDB-2021-006416 // CNNVD: CNNVD-202103-1430 // NVD: CVE-2021-1411

SOURCES

db:VULHUBid:VHN-374465
db:VULMONid:CVE-2021-1411
db:JVNDBid:JVNDB-2021-006416
db:CNNVDid:CNNVD-202103-1430
db:NVDid:CVE-2021-1411

LAST UPDATE DATE

2024-11-23T21:50:57.022000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374465date:2021-03-29T00:00:00
db:VULMONid:CVE-2021-1411date:2021-03-29T00:00:00
db:JVNDBid:JVNDB-2021-006416date:2022-01-06T06:48:00
db:CNNVDid:CNNVD-202103-1430date:2021-03-30T00:00:00
db:NVDid:CVE-2021-1411date:2024-11-21T05:44:17.583

SOURCES RELEASE DATE

db:VULHUBid:VHN-374465date:2021-03-24T00:00:00
db:VULMONid:CVE-2021-1411date:2021-03-24T00:00:00
db:JVNDBid:JVNDB-2021-006416date:2022-01-06T00:00:00
db:CNNVDid:CNNVD-202103-1430date:2021-03-24T00:00:00
db:NVDid:CVE-2021-1411date:2021-03-24T21:15:13.210