Cisco Jabber for Windows 8.x / 9.x / 10.x / 11.0.x / 11.1.x XMPP Connection MitM STARTTLS Downgrade (cisco-sa-20151224-jab)
Medium Nessus Plugin ID 87954
Synopsis
The version of Cisco Jabber for Windows installed on the remote host is affected by a man-in-the-middle STARTTLS downgrade vulnerability.
Description
The version of Cisco Jabber for Windows installed on the remote host is 8.x, 9.x, 10.x, 11.0.x, or 11.1.x prior to 11.5. It is, therefore, affected by a man-in-the-middle STARTTLS downgrade vulnerability because the client does not properly verify that its Extensible Messaging and Presence Protocol (XMPP) connection has been secured with Transport Layer Security (TLS). A man-in-the-middle attacker can exploit this to prevent TLS negotiation, for example by suppressing the server's STARTTLS offer, resulting in the client establishing a cleartext XMPP connection and exposing credentials and message content to the attacker.
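The downgrade described above, as an added Python example (not code from the Nessus plugin or from Cisco): an on-path attacker strips the STARTTLS offer from the server's stream features; a client that only uses TLS when offered falls through to cleartext SASL, whereas a client that requires TLS aborts. A small passive detector over an observed stream trace flags the downgraded case. The namespaces are the standard XMPP ones from RFC 6120; the stream-features stanza, the trace and the credentials are constructed for the example.

```python
import xml.etree.ElementTree as ET

STREAM_NS = "http://etherx.jabber.org/streams"
TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"
SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"
ET.register_namespace("stream", STREAM_NS)

# Constructed sample: the <stream:features> an honest XMPP server sends after
# the initial stream header, offering (and requiring) STARTTLS.
SERVER_FEATURES = (
    f'<stream:features xmlns:stream="{STREAM_NS}">'
    f'<starttls xmlns="{TLS_NS}"><required/></starttls>'
    f'<mechanisms xmlns="{SASL_NS}"><mechanism>PLAIN</mechanism></mechanisms>'
    "</stream:features>"
)

# Constructed sample: SASL PLAIN for "\0alice\0secret", base64-encoded.
CLIENT_AUTH = f'<auth xmlns="{SASL_NS}" mechanism="PLAIN">AGFsaWNlAHNlY3JldA==</auth>'


def strip_starttls(features_xml: str) -> str:
    """What the on-path attacker does: drop the STARTTLS offer before forwarding
    the server's features to the client, leaving only the SASL mechanisms."""
    root = ET.fromstring(features_xml)
    for child in list(root):
        if child.tag == f"{{{TLS_NS}}}starttls":
            root.remove(child)
    return ET.tostring(root, encoding="unicode")


def next_step(features_xml: str, require_tls: bool) -> str:
    """Decide the client's next action from the features it received.

    require_tls=False models the vulnerable policy (use TLS only if offered);
    require_tls=True models the fixed policy (abort unless TLS is offered).
    Returns "starttls", "abort" or "sasl-plain" (cleartext authentication).
    """
    root = ET.fromstring(features_xml)
    if root.find(f"{{{TLS_NS}}}starttls") is not None:
        return "starttls"
    if require_tls:
        return "abort"
    return "sasl-plain"


def downgrade_observed(stanzas) -> bool:
    """Passive network-side check over a list of (direction, stanza) pairs,
    direction "C" for client->server and "S" for server->client.
    Returns True when the client begins SASL authentication although the
    server never answered STARTTLS with <proceed/>, i.e. auth went cleartext."""
    tls_proceeded = False
    for direction, xml in stanzas:
        tag = ET.fromstring(xml).tag
        if direction == "S" and tag == f"{{{TLS_NS}}}proceed":
            tls_proceeded = True
        if direction == "C" and tag == f"{{{SASL_NS}}}auth" and not tls_proceeded:
            return True
    return False


# Constructed traces: an honest session and a session with the attacker in path.
HONEST_TRACE = [
    ("S", SERVER_FEATURES),
    ("C", f'<starttls xmlns="{TLS_NS}"/>'),
    ("S", f'<proceed xmlns="{TLS_NS}"/>'),
    ("C", CLIENT_AUTH),  # sent inside TLS from here on
]
DOWNGRADED_TRACE = [
    ("S", strip_starttls(SERVER_FEATURES)),
    ("C", CLIENT_AUTH),  # credentials on the wire in cleartext
]

if __name__ == "__main__":
    downgraded = strip_starttls(SERVER_FEATURES)
    print("vulnerable client, honest server:", next_step(SERVER_FEATURES, False))
    print("vulnerable client, attacker in path:", next_step(downgraded, False))
    print("fixed client, attacker in path:", next_step(downgraded, True))
    print("downgrade seen in honest trace:", downgrade_observed(HONEST_TRACE))
    print("downgrade seen in attacked trace:", downgrade_observed(DOWNGRADED_TRACE))
```

The fixed policy is the one the page asks for: TLS is a precondition of the session, not a feature to use opportunistically, so a missing offer is treated as an attack rather than a server without TLS. The passive check is the complementary view for a pcap or proxy log: any SASL `<auth>` seen before a `<proceed/>` is authentication in the clear.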
Solution
Upgrade to Cisco Jabber for Windows version 11.5 or later.