FortiClient Vulnerability

Cisco Jabber CVE-2020-3495 Arbitrary Code Execution Vulnerability

Description

Multiple vulnerabilities in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands or code and gain access to sensitive information. An attacker could exploit this vulnerability by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages to the affected software, or exploit this vulnerability by convincing a user to click a link within a message sent by email or other messaging platform, or exploit this vulnerability by sending specially crafted messages that contain Universal Naming Convention (UNC) links to a targeted user and convincing the user to follow the provided link.

Affected Applications

Cisco Jabber

CVE References

CVE-2020-3430 CVE-2020-3495 CVE-2020-3498 CVE-2020-3537

Other References

https://tools.cisco.com/security/center/publicationListing

ID	4231
Created	Sep 21, 2023
Description Updated	Sep 21, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Cisco
Patch	manual
Application	Cisco Jabber

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Cisco Jabber CVE-2020-3495 Arbitrary Code Execution Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Cisco Jabber CVE-2020-3495 Arbitrary Code Execution Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center