A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts.
The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco Jabber Guest Server. An attacker could exploit this vulnerability by sending a crafted URL to the Cisco Jabber Guest Server. An exploit could allow an attacker to connect to arbitrary hosts.
Workarounds that address this vulnerability are not available.
This advisory is available at the following link: http://ift.tt/2i0W8wL A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts.
The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco Jabber Guest Server. An attacker could exploit this vulnerability by sending a crafted URL to the Cisco Jabber Guest Server. An exploit could allow an attacker to connect to arbitrary hosts.
Workarounds that address this vulnerability are not available.
This advisory is available at the following link: http://ift.tt/2i0W8wL
Security Impact Rating: Medium
CVE: CVE-2016-9224
from Cisco Security Advisory http://ift.tt/2i0W8wL
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.