CVE-2017-5603

Description

An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Jitsi 2.5.5061 - 2.9.5544.

Risk Information

Base Score: 5.9 (MODERATE)
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score (Exploitation Probability): 0.253

Associated Vulnerability

Vulnerability | OS Platform
Upgrade Jitsi (x64) 2.9.5544 to latest version | Windows
Upgrade jitsi 2.9.5544 to latest version | Windows
Upgrade jitsi 2.9.5544 to latest version (For Ubuntu) | Linux
Upgrade jitsi 2.9.5544 to latest version (For Debian) | Linux
Upgrade jitsi 2.9.5544 to latest version (For Centos) | Linux
Upgrade jitsi 2.9.5544 to latest version (For RedHat) | Linux
Upgrade jitsi 2.9.5544 to latest version (For Suse) | Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234