I have discovered and disclosed 10 different vulnerabilities in Cisco Jabber in 2020 and 2021. The tables below show the CVE number and CVSS score for each of the vulnerabilities. For more details, see my blog post or the original and follow-up articles on Watchcom's website.
First four vulnerabilities, disclosed in September 2020:
| CVE ID | Title | CVSS |
|---------------|--------------------------------------------------------|------|
| CVE-2020-3495 | Cisco Jabber Message Handling Arbitrary Code Execution | 9.9 |
| CVE-2020-3430 | Cisco Jabber Protocol Handler Command Injection | 8.8 |
| CVE-2020-3498 | Cisco Jabber Information Disclosure | 6.5 |
| CVE-2020-3537 | Cisco Jabber Universal Naming Convention Link Handling | 5.7 |
Three new vulnerabilities, disclosed in December 2020:
| CVE ID | Title | CVSS |
|----------------|------------------------------------------------------------|------|
| CVE-2020-26085 | Cisco Jabber Cross-Site Scripting leading to RCE | 9.9 |
| CVE-2020-27132 | Cisco Jabber Password Hash Stealing Information Disclosure | 6.5 |
| CVE-2020-27127 | Cisco Jabber Custom Protocol Handler Command Injection | 4.3 |
The final three vulnerabilities, disclosed in March 2020:
| CVE ID | Title | CVSS |
|----------------|------------------------------------------------------------|------|
| CVE-2021-1411 | Cisco Jabber Arbitrary Program Execution Vulnerability | 9.9 |
| CVE-2021-1417 | Cisco Jabber Information Disclosure Vulnerability | 6.5 |
| CVE-2021-1418 | Cisco Jabber Denial of Service Vulnerability | 4.3 |