SSL certificate validation vulnerability in Cisco Jabber and Cisco Webex Meetings - CVE-2020-3155ID: oval:org.secpod.oval:def:89559 | Date: (C)2023-04-26 (M)2024-01-17 |
Class: VULNERABILITY | Family: windows |
The host is installed with Cisco Webex Meetings before 41.1.3.11 or Cisco Jabber before 12.1.5, 12.5.x before 12.5.4, 12.6.x before 12.6.5, 12.7.x before 12.7.4, 12.8.x before 12.8.5, 12.9.x before 12.9.7, or 14.0.x before 14.0.2 and is prone to a SSL certificate validation vulnerability. A flaw is present in application, which fails to properly validate the SSL server certificate received when establishing a connection to a Cisco Webex video device or a Cisco collaboration endpoint. Successful exploitation could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
Cisco Jabber |
Cisco Webex Meetings |