#VU16900 Permissions, Privileges, and Access Controls in Cisco Jabber Client Framework
Vulnerability identifier: #VU16900
Vulnerability risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Cisco Jabber Client Framework
Server applications /
Frameworks for developing and running applications
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a local attacker to escalate privileges on the system.
The vulnerability exists due to insecure directory permissions set on a JCF created directory. A local attacker with the ability to access an affected directory can create a hard link to an arbitrary location, convince another user that has administrative privileges to perform an install or update the Cisco Jabber for Mac client to perform such actions, allowing files to be created in an arbitrary location on the disk or an arbitrary file to be corrupted when it is appended to or overwritten.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco Jabber Client Framework: 12.1
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jabr-mac-per...
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
