CVE-2017-12361 - OpenCVE

A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Jabber

Configuration 1 [-]

OR	cpe:2.3:a:cisco:jabber:11.8\(0\):::::windows::
	cpe:2.3:a:cisco:jabber:11.8\(1\):::::windows::
	cpe:2.3:a:cisco:jabber:11.8\(2\):::::windows::
	cpe:2.3:a:cisco:jabber:11.8\(3\):::::windows::

References

Link	Resource
http://www.securityfocus.com/bid/101994	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039915	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2017-11-30T09:00:00

Updated: 2017-12-01T10:57:01

Reserved: 2017-08-03T00:00:00

Link: CVE-2017-12361

JSON object: View

NVD Information

Status : Modified

Published: 2017-11-30T09:29:01.353

Modified: 2019-10-09T23:23:01.090

Link: CVE-2017-12361

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Cisco Jabber", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Jabber"}]}], "datePublic": "2017-11-30T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-12-01T10:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "101994", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101994"}, {"name": "1039915", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039915"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-12361", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Jabber", "version": {"version_data": [{"version_value": "Cisco Jabber"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "101994", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101994"}, {"name": "1039915", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039915"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-12361", "datePublished": "2017-11-30T09:00:00", "dateReserved": "2017-08-03T00:00:00", "dateUpdated": "2017-12-01T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(0\\):*:*:*:*:windows:*:*", "matchCriteriaId": "DDEB6284-44C2-40E2-8129-D53D4A2B6953", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(1\\):*:*:*:*:windows:*:*", "matchCriteriaId": "6650E280-C791-4EB4-B27F-F7D1FB7CCB3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(2\\):*:*:*:*:windows:*:*", "matchCriteriaId": "B53EFD64-0B19-48D0-AE0F-7BD03B8D6465", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(3\\):*:*:*:*:windows:*:*", "matchCriteriaId": "D24F25C2-BC6C-49D5-BB36-290F3C8A97C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Jabber para Windows podr\u00eda permitir que un atacante local sin autenticar acceda a comunicaciones sensibles realizadas por el cliente Jabber. Un atacante podr\u00eda explotar esta vulnerabilidad para obtener informaci\u00f3n y realizar ataques adicionales. La vulnerabilidad se debe a la forma en la que Cisco Jabber para Windows gestiona la generaci\u00f3n aleatoria de n\u00fameros para las carpetas de archivos. Un atacante podr\u00eda explotar la vulnerabilidad corrigiendo los datos de n\u00fameros aleatorios empleados para establecer conexiones SSL (Secure Sockets Layer) entre clientes. Un exploit podr\u00eda permitir que el atacante descodifique comunicaciones seguras realizadas por el cliente Cisco Jabber para Windows. Cisco Bug IDs: CSCve44806."}], "id": "CVE-2017-12361", "lastModified": "2019-10-09T23:23:01.090", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-30T09:29:01.353", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101994"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039915"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}