CVE-2015-6409

Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419.

Severity	MEDIUM
CVSS	5.9
CWE	CWE-200
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Cisco Unified Communications Manager IM and Presence Service	cisco-sa-20151224-jab	Cisco OpenVuln
Cisco Unified Communications Manager	cisco-sa-20151224-jab	Cisco OpenVuln
Cisco Jabber for iOS	cisco-sa-20151224-jab	Cisco OpenVuln
Cisco Jabber for Windows	cisco-sa-20151224-jab	Cisco OpenVuln
Cisco Jabber for Mac	cisco-sa-20151224-jab	Cisco OpenVuln
Cisco Jabber IM for Android	cisco-sa-20151224-jab	Cisco OpenVuln
Cisco Jabber	cisco-sa-20151224-jab	Cisco OpenVuln