#VU16900 Permissions, Privileges, and Access Controls in Cisco Jabber Client Framework - CVE-2018-0449

 


Published: January 10, 2019


Vulnerability identifier: #VU16900
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:H/E:U/U:Clear
CVE-ID: CVE-2018-0449
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software:
Cisco Jabber Client Framework
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to insecure directory permissions set on a directory created by JCF. A local attacker with access to the affected directory can create a hard link to an arbitrary location and then convince another user who has administrative privileges to install or update the Cisco Jabber for Mac client. When the privileged install or update runs, files can be created in an arbitrary location on the disk, or an arbitrary file can be corrupted when it is appended to or overwritten.
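A defender-side check for the condition described above, as an added example that is not Cisco's code and not part of the original advisory: it flags directories writable by group or others and regular files that have more than one hard link. The advisory does not name the affected directory, so the path is a parameter, and the sample tree and the names `audit_directory` and `build_sample` are constructed for illustration.

```python
import os
import stat
import tempfile


def audit_directory(path):
    """Return a list of (issue, path) findings for one directory tree."""
    findings = []
    for root, dirs, files in os.walk(path):
        st = os.lstat(root)
        # Group- or world-writable directory without the sticky bit: any
        # such user can create or replace entries, including hard links.
        loose = st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)
        if loose and not st.st_mode & stat.S_ISVTX:
            findings.append(("writable-dir", root))
        for name in files:
            full = os.path.join(root, name)
            fst = os.lstat(full)
            # A regular file with more than one link also exists under
            # another name, so a privileged write here changes that file too.
            if stat.S_ISREG(fst.st_mode) and fst.st_nlink > 1:
                findings.append(("hard-linked-file", full))
    return findings


def build_sample():
    """Constructed sample: a loosely permissioned dir holding a hard link."""
    base = tempfile.mkdtemp()
    shared = os.path.join(base, "shared")  # stands in for the affected dir
    os.mkdir(shared)
    os.chmod(shared, 0o777)
    target = os.path.join(base, "target.conf")  # file outside the directory
    with open(target, "w") as f:
        f.write("original\n")
    os.link(target, os.path.join(shared, "update.log"))
    return base, shared, target


if __name__ == "__main__":
    base, shared, target = build_sample()
    for issue, p in audit_directory(shared):
        print(issue, p)
```

Run it against the real directory before an administrator performs an install or update; any finding means the directory should be cleaned and its permissions tightened first.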


Remediation

Install updates from the vendor's website.
