5 January 2016 - 11:54,
by ,
in
News,
No comments
An attacker in a man-in-the-middle position could abuse a STARTTLS downgrade vulnerability in the Cisco Jabber client-server negotiation in order to intercept communication. Cisco warned its customers yesterday, but has yet to patch the vulnerability, which affects the Cisco Jabber clients for Windows, iPhone, iPad and Android. Researchers Renaud Dubourguais and Sébastien Dudek of Synacktiv...