Strix
26.1K

CVE-2022-20917

MEDIUMCVSS 4.3/10EPSS 0.89%

Last modified

CVE-2022-20917 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. EPSS estimates a 0.89% chance of exploitation in the next 30 days.

Description

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions.

Metrics

CVSS 3.1
4.3/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS Probability
0.89%

54.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoJabber< 12.6.6
CiscoJabber< 12.8.8
CiscoJabber< 14.1.4
CiscoJabber>= 12.7, < 12.7.6
CiscoJabber>= 12.8, < 12.8.7
CiscoJabber>= 12.9, < 12.9.7
CiscoJabber>= 12.9, < 12.9.8
CiscoJabber>= 14.0, < 14.0.5
CiscoJabber>= 14.1, < 14.1.3

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2022-20917?
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions.
How severe is CVE-2022-20917?
CVE-2022-20917 has a CVSS score of 4.3/10 (MEDIUM severity). The EPSS model estimates a 0.89% probability of exploitation in the next 30 days.
How do I fix CVE-2022-20917?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-20917?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST