Описание
Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 9.2\(.1\) (включая)
Одно из
cpe:2.3:a:cisco:jabber:*:-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0:-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0\(.0\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0\(.1\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0\(.2\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0\(.3\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0\(.4\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.0\(.5\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1:-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1\(.0\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1\(.1\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1\(.2\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1\(.3\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1\(.4\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.1\(.5\):-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.2:-:-:*:-:windows:*:*
cpe:2.3:a:cisco:jabber:9.2\(.0\):-:-:*:-:windows:*:*
EPSS
Процентиль: 93%
0.10364
Средний
4.3 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.
EPSS
Процентиль: 93%
0.10364
Средний
4.3 Medium
CVSS2
Дефекты
CWE-22