VCards are managed in Openfire. A client can typically obtain and update VCards.
The underlying VCard provider can be 'read-only' (for example, when the provider is LDAP based). If that's the case, VCards cannot be updated by clients.
Openfire is currently logging a very verbose error when a client tries to update a VCard on a read-only system. This verbosity should be turned down a couple of notches.