Lucene search
K

2974 matches found

NCSC
NCSC
added 2026/04/17 8:37 a.m.6 views

Lack of vulnerability awareness in Cisco WebEx Services

Cisco has identified a vulnerability in Cisco Webex Services, specifically in the SSO integration with Control Hub. The vulnerability lies in the incorrect validation of certificates during the SSO integration of Cisco Webex Services through Control Hub. An unauthenticated external attacker can...

9.8CVSS6AI score0.0052EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/16 7:22 p.m.6 views

CVE-2026-20184

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS5.9AI score0.0052EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/04/16 11:27 a.m.11 views

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 CVSS...

9.9CVSS6.8AI score0.10944EPSS
Exploits1
CNVD
CNVD
added 2026/04/16 12:0 a.m.4 views

Cisco Webex Contact Center Desktop Agent Cross-Site Scripting Vulnerability

Cisco Webex Contact Center is a cloud contact center solution for customer service and call center management. A cross-site scripting vulnerability exists in Cisco Webex Contact Center. The vulnerability stems from a failure of the Desktop Agent feature to properly handle HTML and scripted conten...

6.1CVSS5.6AI score0.00222EPSS
Exploits0
EUVD
EUVD
added 2026/04/15 6:31 p.m.5 views

EUVD-2026-22971

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS5.9AI score0.0052EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/15 6:31 p.m.5 views

EUVD-2026-22967

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...

6.1CVSS5.8AI score0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/04/15 5:17 p.m.6 views

CVE-2026-20184

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS0.0052EPSS
Exploits0References1
NVD
NVD
added 2026/04/15 5:17 p.m.6 views

CVE-2026-20170

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...

6.1CVSS0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/15 4:10 p.m.20 views

CVE-2026-20170

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...

6.1CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 4:10 p.m.3 views

CVE-2026-20170

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...

6.1CVSS5.8AI score0.00222EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/15 4:10 p.m.5 views

CVE-2026-20170

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...

6.1CVSS5.8AI score0.00222EPSS
Exploits0References2
CVE
CVE
added 2026/04/15 4:10 p.m.98 views

CVE-2026-20170

The CVE-2026-20170 entry affects Cisco Webex Contact Center’s Desktop Agent functionality. The vulnerability arises from improper handling of HTML and script content, enabling an unauthenticated, remote attacker to perform cross-site scripting via a user-traversed link. Successful exploitation co...

6.1CVSS5.8AI score0.00222EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/15 4:3 p.m.9 views

CVE-2026-20184

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS5.9AI score0.0052EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/15 4:3 p.m.22 views

CVE-2026-20184 Cisco Webex Meetings Certificate Validation Vulnerability

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS0.0052EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 4:3 p.m.3 views

CVE-2026-20184 Cisco Webex Meetings Certificate Validation Vulnerability

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS5.9AI score0.0052EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 4:3 p.m.162 views

CVE-2026-20184

CVE-2026-20184 affects Cisco Webex Services via the SSO integration with Control Hub. Root cause: improper certificate validation in the SSO/token handling path. Exploitation could allow an unauthenticated, remote attacker to impersonate any user when connecting to a service endpoint with a craft...

9.8CVSS5.9AI score0.0052EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/15 4:0 p.m.12 views

Cisco Webex Contact Center Cross-Site Scripting Vulnerability

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...

6.1CVSS5.8AI score0.00222EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/15 4:0 p.m.10 views

Cisco Webex Services Certificate Validation Vulnerability

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS6.1AI score0.0052EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.10 views

PT-2026-33091

Name of the Vulnerable Software and Affected Versions Cisco Webex Contact Center affected versions not specified Description An issue in the Desktop Agent functionality allows an unauthenticated remote attacker to perform cross-site scripting XSS, which is a technique where malicious scripts are...

6.4CVSS6.4AI score0.00222EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.7 views

Cisco Webex Services 安全漏洞

Cisco Webex Services are a series of online collaboration services provided by the American company Cisco. There is a security vulnerability in Cisco Webex Services, which stems from improper certificate verification. This vulnerability could allow unverified remote attackers to impersonate any...

9.8CVSS6AI score0.0052EPSS
Exploits0References2
Rows per page
Query Builder