Remote Code Execution Vulnerability in Cisco Jabber Guest Server
CVE-2016-9224

6.5MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Jabber Guest Server 10.6(9)
Vendor
CVE Published:
26 December 2016

Summary

A flaw in the Cisco Jabber Guest Server enables an unauthenticated remote attacker to establish connections to arbitrary hosts, potentially leading to unauthorized access and exploitation of network resources. Versions 10.6(9) are vulnerable, while updates in 11.0(0) address this issue.

Affected Version(s)

Cisco Jabber Guest Server 10.6(9) Cisco Jabber Guest Server 10.6(9)

References

http://www.securityfocus.com/bid/95016
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037516
vdb-entryx_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.