CVE-2017-12284 - AskarLabs CVE Database

CVE-2017-12284

Vendor N/A

Product Cisco Jabber for Windows Client

Weakness CWE-200 · Info exposure

Published October 19, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input- and validation-checking mechanisms in the system. An attacker could exploit this vulnerability by issuing specific commands after authenticating to the system. A successful exploit could allow the attacker to view profile information where only certain parameters should be visible. Cisco Bug IDs: CSCve14401.

Key dates

02Disclosure timeline

October 19, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-12284

Related vulnerabilities

04Related CVE

CVE-2024-53991 Potential Backup file leaked via Nginx in Discourse CVE-2024-13623 Order Export for WooCommerce <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory CVE-2025-66413 Git for Windows leaks NTLM hash when cloning from an attacker-controlled server CVE-2019-1815 Cisco Meraki MX67 and MX68 Sensitive Information Disclosure Vulnerability CVE-2024-13498 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure