Description
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.

This vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.
Published: 2026-04-15
Score: 9.8 Critical
EPSS: n/a
KEV: No
Impact: Unauthorized remote impersonation of Webex users
Action: Immediate Patch
AI Analysis

Impact

A flaw in the single sign‑on integration with Control Hub allowed an attacker to supply a forged token and bypass certificate validation. The result is that the attacker could assume the identity of any Webex user, gaining full access to services and data they would normally be denied. The weakness is a classic certificate trust flaw and can lead to a complete loss of confidentiality for user accounts.

Affected Systems

The vulnerability affects Cisco Webex Meetings when SSO is configured with Control Hub. No specific version information was supplied, so all deployments using this feature are potentially at risk.

Risk and Exploitability

The CVSS score of 9.8 indicates a severe, high-impact risk. An unauthenticated, remote attacker can reach the vulnerable service endpoint. The EPSS value is unavailable, and the absence of this CVE from the public KEV list does not by itself reduce the likelihood of exploitation. In practice, an attacker could craft a malicious token, supply it to the endpoint, and immediately impersonate a user without needing any other credentials.

Generated by OpenCVE AI on April 15, 2026 at 19:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Cisco Webex update that corrects the certificate validation logic
  • Verify that the SSO configuration uses a trusted CA and that certificate validation is enforced
  • If a patch cannot be applied immediately, disable or lock down SSO integration to prevent untrusted token acceptance
  • Enable audit logging of SSO requests and monitor for anomalous authentication patterns



Advisories

No advisories yet.

History

Wed, 15 Apr 2026 17:15:00 +0000

Type: Metrics
Values removed: (none)
Values added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 15 Apr 2026 16:30:00 +0000

Type: Description
Values removed: (none)
Values added: A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.

Type: Title
Values removed: (none)
Values added: Cisco Webex Meetings Certificate Validation Vulnerability

Type: Weaknesses
Values removed: (none)
Values added: CWE-295

Type: References
Values removed: (none)
Values added:

Type: Metrics
Values removed: (none)
Values added: cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}



MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-04-16T03:55:32.095Z

Reserved: 2025-10-08T11:59:15.394Z

Link: CVE-2026-20184

Vulnrichment

Updated: 2026-04-15T16:56:20.681Z

NVD

Status: Received

Published: 2026-04-15T17:17:03.677

Modified: 2026-04-15T17:17:03.677

Link: CVE-2026-20184

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T19:30:12Z

Weaknesses