Sign-up

ID

VAR-202106-0636


CVE

CVE-2021-1569


TITLE

plural  Cisco Jabber  Resource management vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2021-001959

DESCRIPTION

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The program provides online status display, instant messaging, voice and other functions. An attacker could exploit this vulnerability to cause an application to return sensitive authentication information to another system by sending a crafted Extensible Messaging and Presence Protocol (XMPP) message to the affected system

Trust: 2.25

sources: NVD: CVE-2021-1569 // JVNDB: JVNDB-2021-001959 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374623

AFFECTED PRODUCTS

vendor:ciscomodel:jabberscope:gteversion:14.0

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:12.9.6.55898

Trust: 1.0

vendor:ciscomodel:jabberscope:gteversion:12.9

Trust: 1.0

vendor:ciscomodel:jabberscope:ltversion:14.0.1.55914

Trust: 1.0

vendor:シスコシステムズmodel:cisco jabberscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco jabberscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-001959 // NVD: CVE-2021-1569

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1569
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1569
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-1569
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202106-1339
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

VULHUB: VHN-374623
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-1569
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-374623
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1569
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2021-1569
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374623 // JVNDB: JVNDB-2021-001959 // CNNVD: CNNVD-202106-1339 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-1569 // NVD: CVE-2021-1569

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

problemtype:CWE-399

Trust: 1.0

problemtype:Resource management issues (CWE-399) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-374623 // JVNDB: JVNDB-2021-001959 // NVD: CVE-2021-1569

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-1339

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202106-1339

PATCH

title:cisco-sa-jabber-GuC5mLwGurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-GuC5mLwG

Trust: 0.8

title:Cisco Jabber Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=154428

Trust: 0.6

sources: JVNDB: JVNDB-2021-001959 // CNNVD: CNNVD-202106-1339

EXTERNAL IDS

db:NVDid:CVE-2021-1569

Trust: 2.5

db:JVNDBid:JVNDB-2021-001959

Trust: 0.8

db:CNNVDid:CNNVD-202106-1339

Trust: 0.7

db:CS-HELPid:SB2021061718

Trust: 0.6

db:AUSCERTid:ESB-2021.2147

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:VULHUBid:VHN-374623

Trust: 0.1

sources: VULHUB: VHN-374623 // JVNDB: JVNDB-2021-001959 // CNNVD: CNNVD-202106-1339 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-1569

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-jabber-guc5mlwg

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-1569

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.2147

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021061718

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

sources: VULHUB: VHN-374623 // JVNDB: JVNDB-2021-001959 // CNNVD: CNNVD-202106-1339 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-1569

SOURCES

db:VULHUBid:VHN-374623
db:JVNDBid:JVNDB-2021-001959
db:CNNVDid:CNNVD-202106-1339
db:CNNVDid:CNNVD-202104-975
db:NVDid:CVE-2021-1569

LAST UPDATE DATE

2024-08-14T12:33:22.355000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374623date:2022-04-25T00:00:00
db:JVNDBid:JVNDB-2021-001959date:2021-07-06T02:54:00
db:CNNVDid:CNNVD-202106-1339date:2022-04-26T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:NVDid:CVE-2021-1569date:2023-11-07T03:28:39.437

SOURCES RELEASE DATE

db:VULHUBid:VHN-374623date:2021-06-16T00:00:00
db:JVNDBid:JVNDB-2021-001959date:2021-07-06T00:00:00
db:CNNVDid:CNNVD-202106-1339date:2021-06-16T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:NVDid:CVE-2021-1569date:2021-06-16T18:15:09.077