First published: Fri Sep 15 2023
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions.
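The advisory describes the flaw only as improper handling of nested XMPP messages. As an added example (not Cisco's code and not a reproduction of the bug), the following Python check rejects any stanza that carries a further `<message>`, `<presence>` or `<iq>` element inside it; the sample stanzas and JIDs are constructed, and the assumption that the nesting in question is a stanza element inside another stanza is mine.

```python
import xml.etree.ElementTree as ET

# Core XMPP stanza types in the client namespace (RFC 6120).
NS = "jabber:client"
STANZA_TAGS = {f"{{{NS}}}{name}" for name in ("message", "presence", "iq")}


def find_nested_stanzas(stanza_xml: str) -> list[str]:
    """Return one path per stanza-level element found below the root.

    A well-formed stanza has exactly one top-level <message>, <presence> or
    <iq>; any further stanza element beneath it is reported as a slash-separated
    path of element names (assumed shape of the nesting the advisory describes).
    """
    root = ET.fromstring(stanza_xml)
    findings: list[str] = []

    def walk(elem: ET.Element, path: str) -> None:
        for child in elem:
            child_path = f"{path}/{child.tag.split('}')[-1]}"
            if child.tag in STANZA_TAGS:
                findings.append(child_path)
            walk(child, child_path)  # keep descending: nesting may be deeper

    walk(root, root.tag.split("}")[-1])
    return findings


def stanza_is_safe(stanza_xml: str) -> bool:
    """True only for a single, un-nested stanza of a known type."""
    try:
        root = ET.fromstring(stanza_xml)
    except ET.ParseError:
        return False  # malformed XML is rejected, not repaired
    return root.tag in STANZA_TAGS and not find_nested_stanzas(stanza_xml)


# Constructed sample inputs (not captured traffic). The inner <message> has no
# xmlns of its own, so it inherits jabber:client from the outer element.
BENIGN = (
    '<message xmlns="jabber:client" from="alice@example.org" '
    'to="bob@example.org" type="chat"><body>lunch at noon?</body></message>'
)
NESTED = (
    '<message xmlns="jabber:client" from="alice@example.org" '
    'to="bob@example.org" type="chat"><body>lunch at noon?</body>'
    '<message from="carol@example.org" to="bob@example.org">'
    '<body>would render as if sent by carol</body></message></message>'
)

if __name__ == "__main__":
    for label, stanza in (("benign", BENIGN), ("nested", NESTED)):
        print(label, stanza_is_safe(stanza), find_nested_stanzas(stanza))
```

In a client or gateway this check belongs before any stanza reaches the rendering or command-dispatch layer, so that a nested element is dropped and logged rather than interpreted.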
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Jabber | <12.6.6 | |
| Cisco Jabber | <12.8.8 | |
| Cisco Jabber | <14.1.4 | |
| Cisco Jabber | <14.1.4 | |
| Cisco Jabber | >=12.7, <12.7.6 | |
| Cisco Jabber | >=12.8, <12.8.7 | |
| Cisco Jabber | >=12.9, <12.9.7 | |
| Cisco Jabber | >=12.9, <12.9.8 | |
| Cisco Jabber | >=14.0, <14.0.5 | |
| Cisco Jabber | >=14.0, <14.0.5 | |
| Cisco Jabber | >=14.1, <14.1.3 | |
| Cisco Jabber | >=14.1, <14.1.3 | |
CVE-2022-20917 is a vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber.
Users of Cisco Jabber versions up to 12.6.6 for Windows, 12.8.8 for macOS, 14.1.4 for Android, and 14.1.4 for iPhone OS are affected by CVE-2022-20917.
The severity of CVE-2022-20917 is medium, with a CVSS score of 4.3.
CVE-2022-20917 allows an authenticated, remote attacker to manipulate the content of XMPP messages used by Cisco Jabber.
To fix CVE-2022-20917, users should upgrade to a fixed version of Cisco Jabber, as mentioned in the Cisco Security Advisory.