A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.
The vulnerability resulted from improper certificate validation during the SSO authentication process integrated with Control Hub. An attacker could connect to the service endpoint and provide a crafted token. The lack of proper certificate verification caused the service to accept the forged token as legitimizing any user without needing a password or any credentials.
Successful exploitation of this vulnerability allowed an attacker to gain unauthorized access to legitimate Cisco Webex services by impersonating any user within the platform, which could lead to violations of confidentiality, integrity, and data availability.
Apply patches available from the vendor according to references (Cisco Security Advisory: cisco-sa-webex-cui-cert-8jSZYhWL). The vulnerability has been addressed by Cisco; it is recommended to promptly check and implement available patches.
Cisco Webex Services with SSO integration with Control Hub enabled — detailed information about affected versions is available in vendor references.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H