![]() ![]() ![]() However, an attacker performing a man-in-the-middle attack can catch this message and negotiate himself the SSL session,” Dubourguais and Dudek wrote. “This packet will notify the client that all messages must be exchanged within a TLS session from this point. An attacker could take advantage of this to downgrade the STARTTLS negotiation and render communication in clear text. Dubourguais and Dudek wrote that the client does not check whether the STARTTLS extension is required by the server. The Jabber client, which runs the XMPP protocol for messaging, supports STARTTLS negotiation for secure communication. The client is marketed as a secure collaboration tool that does not require a VPN connection.ĭubourguais and Dudek wrote in a report published yesterday that an attacker in a man-in-the-middle position could snoop on messages sent to the Jabber gateway, which they said is usually the Cisco Expressway-E gateway. The Cisco Jabber client is used primarily as a collaboration and messaging tool between users of various Cisco conferencing and messaging products, including Presence. Yesterday, the researchers disclosed some details and published proof-of-concept code. Researchers Renaud Dubourguais and Sébastien Dudek of Synacktiv reported the issue in December, Cisco said. An attacker in a man-in-the-middle position could abuse a STARTTLS downgrade vulnerability in the Cisco Jabber client-server negotiation in order to intercept communication.Ĭisco warned its customers yesterday, but has yet to patch the vulnerability, which affects the Cisco Jabber clients for Windows, iPhone, iPad and Android.
0 Comments
Leave a Reply. |