{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20184", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.394Z", "datePublished": "2026-04-15T16:03:59.646Z", "dateUpdated": "2026-04-15T16:56:34.703Z"}, "containers": {"cna": {"title": "Cisco Webex Meetings Certificate Validation Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.\r\n\r\nThis vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL", "name": "cisco-sa-webex-cui-cert-8jSZYhWL"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-webex-cui-cert-8jSZYhWL", "discovery": "INTERNAL", "defects": ["CSCwt37111"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Certificate Validation", "type": "cwe", "cweId": "CWE-295"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Webex Meetings", "versions": [{"version": "39.7.7", "status": "affected"}, {"version": "39.9", "status": "affected"}, {"version": "40.4.10", "status": "affected"}, {"version": "39.6", "status": "affected"}, {"version": "40.6.2", "status": "affected"}, {"version": "39.8.2", "status": "affected"}, {"version": "39.8.4", "status": "affected"}, {"version": "40.1", "status": "affected"}, {"version": "39.11", "status": "affected"}, {"version": "39.7.4", "status": "affected"}, {"version": "39.9.1", "status": "affected"}, {"version": "40.4", "status": "affected"}, {"version": "40.6", "status": "affected"}, {"version": "39.7", "status": "affected"}, {"version": "39.8", "status": "affected"}, {"version": "39.8.3", "status": "affected"}, {"version": "40.2", "status": "affected"}, {"version": "39.10", "status": "affected"}, {"version": "42.6", "status": "affected"}, {"version": "42.7", "status": "affected"}, {"version": "42.8", "status": "affected"}, {"version": "42.9", "status": "affected"}, {"version": "42.10", "status": "affected"}, {"version": "42.11", "status": "affected"}, {"version": "42.12", "status": "affected"}, {"version": "43.1", "status": "affected"}, {"version": "43.2", "status": "affected"}, {"version": "43.3", "status": "affected"}, {"version": "43.4", "status": "affected"}, {"version": "43.4.1", "status": "affected"}, {"version": "43.4.2", "status": "affected"}, {"version": "43.5.0", "status": "affected"}, {"version": "43.6.0", "status": "affected"}, {"version": "43.6.1", "status": "affected"}, {"version": "43.7", "status": "affected"}, {"version": "43.8", "status": "affected"}, {"version": "43.9", "status": "affected"}, {"version": "43.10", "status": "affected"}, {"version": "43.11", "status": "affected"}, {"version": "43.12", "status": "affected"}, {"version": "44.1", "status": "affected"}, {"version": "44.2", "status": "affected"}, {"version": "44.3", "status": "affected"}, {"version": "44.4", "status": "affected"}, {"version": "44.5", "status": "affected"}, {"version": "44.6", "status": "affected"}, {"version": "44.7", "status": "affected"}, {"version": "44.8", "status": "affected"}, {"version": "44.9", "status": "affected"}, {"version": "44.10", "status": "affected"}, {"version": "44.11", "status": "affected"}, {"version": "44.12", "status": "affected"}, {"version": "45.1", "status": "affected"}, {"version": "45.2", "status": "affected"}, {"version": "45.3", "status": "affected"}, {"version": "45.4", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-15T16:03:59.646Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20184", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T16:45:03.876078Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T16:56:34.703Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20184", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T16:45:03.876078Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T16:56:20.681Z"}}], "cna": {"title": "Cisco Webex Meetings Certificate Validation Vulnerability", "source": {"defects": ["CSCwt37111"], "advisory": "cisco-sa-webex-cui-cert-8jSZYhWL", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Webex Meetings", "versions": [{"status": "affected", "version": "39.7.7"}, {"status": "affected", "version": "39.9"}, {"status": "affected", "version": "40.4.10"}, {"status": "affected", "version": "39.6"}, {"status": "affected", "version": "40.6.2"}, {"status": "affected", "version": "39.8.2"}, {"status": "affected", "version": "39.8.4"}, {"status": "affected", "version": "40.1"}, {"status": "affected", "version": "39.11"}, {"status": "affected", "version": "39.7.4"}, {"status": "affected", "version": "39.9.1"}, {"status": "affected", "version": "40.4"}, {"status": "affected", "version": "40.6"}, {"status": "affected", "version": "39.7"}, {"status": "affected", "version": "39.8"}, {"status": "affected", "version": "39.8.3"}, {"status": "affected", "version": "40.2"}, {"status": "affected", "version": "39.10"}, {"status": "affected", "version": "42.6"}, {"status": "affected", "version": "42.7"}, {"status": "affected", "version": "42.8"}, {"status": "affected", "version": "42.9"}, {"status": "affected", "version": "42.10"}, {"status": "affected", "version": "42.11"}, {"status": "affected", "version": "42.12"}, {"status": "affected", "version": "43.1"}, {"status": "affected", "version": "43.2"}, {"status": "affected", "version": "43.3"}, {"status": "affected", "version": "43.4"}, {"status": "affected", "version": "43.4.1"}, {"status": "affected", "version": "43.4.2"}, {"status": "affected", "version": "43.5.0"}, {"status": "affected", "version": "43.6.0"}, {"status": "affected", "version": "43.6.1"}, {"status": "affected", "version": "43.7"}, {"status": "affected", "version": "43.8"}, {"status": "affected", "version": "43.9"}, {"status": "affected", "version": "43.10"}, {"status": "affected", "version": "43.11"}, {"status": "affected", "version": "43.12"}, {"status": "affected", "version": "44.1"}, {"status": "affected", "version": "44.2"}, {"status": "affected", "version": "44.3"}, {"status": "affected", "version": "44.4"}, {"status": "affected", "version": "44.5"}, {"status": "affected", "version": "44.6"}, {"status": "affected", "version": "44.7"}, {"status": "affected", "version": "44.8"}, {"status": "affected", "version": "44.9"}, {"status": "affected", "version": "44.10"}, {"status": "affected", "version": "44.11"}, {"status": "affected", "version": "44.12"}, {"status": "affected", "version": "45.1"}, {"status": "affected", "version": "45.2"}, {"status": "affected", "version": "45.3"}, {"status": "affected", "version": "45.4"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL", "name": "cisco-sa-webex-cui-cert-8jSZYhWL"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.\r\n\r\nThis vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-295", "description": "Improper Certificate Validation"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-15T16:03:59.646Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20184", "state": "PUBLISHED", "dateUpdated": "2026-04-15T16:56:34.703Z", "dateReserved": "2025-10-08T11:59:15.394Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-04-15T16:03:59.646Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.\r\n\r\nThis vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services."}], "id": "CVE-2026-20184", "lastModified": "2026-04-15T17:17:03.677", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-04-15T17:17:03.677", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-15T19:18:52.989173+00:00", "value": {"mitigation_remediation": ["Install the latest Cisco Webex update that corrects the certificate validation logic", "Verify that the SSO configuration uses a trusted CA and that certificate validation is enforced", "If a patch cannot be applied immediately, disable or lock down SSO integration to prevent untrusted token acceptance", "Enable audit logging of SSO requests and monitor for anomalous authentication patterns"], "summary": {"action": "Immediate Patch", "impact": "Unauthorized remote impersonation of Webex users"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Cisco Webex Meetings when SSO is configured with Control Hub. No specific version information was supplied, so all deployments using this feature are potentially at risk.", "description_and_impact": "A flaw in the single sign\u2011on integration with Control Hub allowed an attacker to supply a forged token and bypass certificate validation. The result is that the attacker could assume the identity of any Webex user, gaining full access to services and data they would normally be denied. The weakness is a classic certificate trust flaw and can lead to a complete loss of confidentiality for user accounts.", "risk_and_exploitability": "The CVSS score of 9.8 indicates a severe, high\u2011impact risk. An unauthenticated, remote attacker can reach the vulnerable service endpoint. The EPSS value is unavailable, but the lack of remediation in the public KEV list does not reduce the likelihood of exploitation. In practice, an attacker could craft a malicious token, supply it to the endpoint, and immediately impersonate a user without needing any other credentials."}}}}, "created": "2026-04-15T19:30:12.381226+00:00", "updated": "2026-04-15T19:30:12.381237+00:00", "vendors": []}