Cisco Jabber Client Found Vulnerable to STARTTLS downgrade attack

  • -

Cisco Jabber Client Found Vulnerable to STARTTLS downgrade attack

Category : CyberSecurity , DataBreach

Researchers at Synacktiv have found that the Cisco Jabber
client is vulnerable to a STARTTLS downgrade attack. The vulnerability
manifests due to a failure to validate if a XMPP connection has been
established over TLS. A man-in-the-middle attacker could exploit this
flaw and tamper with the XMPP connection to avoid TLS negotiation,
causing the client to establish a XMPP connection over cleartext. Cisco
has released a security advisory and updated software to address this
vulnerability.

Article; Cisco


Search

Innovice-IT on Twitter

  1. Bas Eikelenboom
    Bas Eikelenboom: Hackers Looking To Shut Down Factories for Pay - Viruses & Malware on Top Tech News https://t.co/09exCgxFPi

  2. Bas Eikelenboom
    Bas Eikelenboom: Here are Some New Ideas for Fighting Botnets - https://t.co/JAKqeUl3CX https://t.co/9yUdCx4cXD

  3. Bas Eikelenboom
    Bas Eikelenboom: RT @teamcymru: Hacking Slot Machines by Reverse-Engineering the Random Number Generators and make $1/4M /week https://t.co/Sy0BSwn9Ah

  4. Bas Eikelenboom

  5. Bas Eikelenboom
    Bas Eikelenboom: RT @paulsparrows: Stolen nude photos and hacked defibrillators: is this the future of ransomware? https://t.co/4GGkQobYhp

Archive

Categories