Remote Code Execution Vulnerability in Cisco Jabber Guest Server
CVE-2016-9224

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Jabber Guest Server 10.6(9)
Vendor: CVE Published:; 26 December 2016

🔔 Create Cisco Vulnerability Alert

What is CVE-2016-9224?

A flaw in the Cisco Jabber Guest Server enables an unauthenticated remote attacker to establish connections to arbitrary hosts, potentially leading to unauthorized access and exploitation of network resources. Versions 10.6(9) are vulnerable, while updates in 11.0(0) address this issue.

Affected Version(s)

Cisco Jabber Guest Server 10.6(9) Cisco Jabber Guest Server 10.6(9)

References

http://www.securityfocus.com/bid/95016

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1037516

vdb-entryx_refsource_SECTRACK

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2016
Vulnerability Reserved
Nov 6, 2016

.