CVE-2026-20184 (GCVE-0-2026-20184)
Vulnerability from cvelistv5
Published
2026-04-15 16:03
Modified
2026-04-16 19:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-295 - Improper Certificate Validation
Summary
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.
This vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Webex Meetings |
Version: 39.7.7 Version: 39.9 Version: 40.4.10 Version: 39.6 Version: 40.6.2 Version: 39.8.2 Version: 39.8.4 Version: 40.1 Version: 39.11 Version: 39.7.4 Version: 39.9.1 Version: 40.4 Version: 40.6 Version: 39.7 Version: 39.8 Version: 39.8.3 Version: 40.2 Version: 39.10 Version: 42.6 Version: 42.7 Version: 42.8 Version: 42.9 Version: 42.10 Version: 42.11 Version: 42.12 Version: 43.1 Version: 43.2 Version: 43.3 Version: 43.4 Version: 43.4.1 Version: 43.4.2 Version: 43.5.0 Version: 43.6.0 Version: 43.6.1 Version: 43.7 Version: 43.8 Version: 43.9 Version: 43.10 Version: 43.11 Version: 43.12 Version: 44.1 Version: 44.2 Version: 44.3 Version: 44.4 Version: 44.5 Version: 44.6 Version: 44.7 Version: 44.8 Version: 44.9 Version: 44.10 Version: 44.11 Version: 44.12 Version: 45.1 Version: 45.2 Version: 45.3 Version: 45.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T03:55:32.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Webex Meetings",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "39.7.7"
},
{
"status": "affected",
"version": "39.9"
},
{
"status": "affected",
"version": "40.4.10"
},
{
"status": "affected",
"version": "39.6"
},
{
"status": "affected",
"version": "40.6.2"
},
{
"status": "affected",
"version": "39.8.2"
},
{
"status": "affected",
"version": "39.8.4"
},
{
"status": "affected",
"version": "40.1"
},
{
"status": "affected",
"version": "39.11"
},
{
"status": "affected",
"version": "39.7.4"
},
{
"status": "affected",
"version": "39.9.1"
},
{
"status": "affected",
"version": "40.4"
},
{
"status": "affected",
"version": "40.6"
},
{
"status": "affected",
"version": "39.7"
},
{
"status": "affected",
"version": "39.8"
},
{
"status": "affected",
"version": "39.8.3"
},
{
"status": "affected",
"version": "40.2"
},
{
"status": "affected",
"version": "39.10"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.1"
},
{
"status": "affected",
"version": "43.4.2"
},
{
"status": "affected",
"version": "43.5.0"
},
{
"status": "affected",
"version": "43.6.0"
},
{
"status": "affected",
"version": "43.6.1"
},
{
"status": "affected",
"version": "43.7"
},
{
"status": "affected",
"version": "43.8"
},
{
"status": "affected",
"version": "43.9"
},
{
"status": "affected",
"version": "43.10"
},
{
"status": "affected",
"version": "43.11"
},
{
"status": "affected",
"version": "43.12"
},
{
"status": "affected",
"version": "44.1"
},
{
"status": "affected",
"version": "44.2"
},
{
"status": "affected",
"version": "44.3"
},
{
"status": "affected",
"version": "44.4"
},
{
"status": "affected",
"version": "44.5"
},
{
"status": "affected",
"version": "44.6"
},
{
"status": "affected",
"version": "44.7"
},
{
"status": "affected",
"version": "44.8"
},
{
"status": "affected",
"version": "44.9"
},
{
"status": "affected",
"version": "44.10"
},
{
"status": "affected",
"version": "44.11"
},
{
"status": "affected",
"version": "44.12"
},
{
"status": "affected",
"version": "45.1"
},
{
"status": "affected",
"version": "45.2"
},
{
"status": "affected",
"version": "45.3"
},
{
"status": "affected",
"version": "45.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.\r\n\r\nThis vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Improper Certificate Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T19:07:14.461Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-webex-cui-cert-8jSZYhWL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL"
}
],
"source": {
"advisory": "cisco-sa-webex-cui-cert-8jSZYhWL",
"defects": [
"CSCwt37111"
],
"discovery": "INTERNAL"
},
"title": "Cisco Webex Meetings Certificate Validation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20184",
"datePublished": "2026-04-15T16:03:59.646Z",
"dateReserved": "2025-10-08T11:59:15.394Z",
"dateUpdated": "2026-04-16T19:07:14.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20184\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-15T16:45:03.876078Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-15T16:56:20.681Z\"}}], \"cna\": {\"title\": \"Cisco Webex Meetings Certificate Validation Vulnerability\", \"source\": {\"defects\": [\"CSCwt37111\"], \"advisory\": \"cisco-sa-webex-cui-cert-8jSZYhWL\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Webex Meetings\", \"versions\": [{\"status\": \"affected\", \"version\": \"39.7.7\"}, {\"status\": \"affected\", \"version\": \"39.9\"}, {\"status\": \"affected\", \"version\": \"40.4.10\"}, {\"status\": \"affected\", \"version\": \"39.6\"}, {\"status\": \"affected\", \"version\": \"40.6.2\"}, {\"status\": \"affected\", \"version\": \"39.8.2\"}, {\"status\": \"affected\", \"version\": \"39.8.4\"}, {\"status\": \"affected\", \"version\": \"40.1\"}, {\"status\": \"affected\", \"version\": \"39.11\"}, {\"status\": \"affected\", \"version\": \"39.7.4\"}, {\"status\": \"affected\", \"version\": \"39.9.1\"}, {\"status\": \"affected\", \"version\": \"40.4\"}, {\"status\": \"affected\", \"version\": \"40.6\"}, {\"status\": \"affected\", \"version\": \"39.7\"}, {\"status\": \"affected\", \"version\": \"39.8\"}, {\"status\": \"affected\", \"version\": \"39.8.3\"}, {\"status\": \"affected\", \"version\": \"40.2\"}, {\"status\": \"affected\", \"version\": \"39.10\"}, {\"status\": \"affected\", \"version\": \"42.6\"}, {\"status\": \"affected\", \"version\": \"42.7\"}, {\"status\": \"affected\", \"version\": \"42.8\"}, {\"status\": \"affected\", \"version\": \"42.9\"}, {\"status\": \"affected\", \"version\": \"42.10\"}, {\"status\": \"affected\", \"version\": \"42.11\"}, {\"status\": \"affected\", \"version\": \"42.12\"}, {\"status\": \"affected\", \"version\": \"43.1\"}, {\"status\": \"affected\", \"version\": \"43.2\"}, {\"status\": \"affected\", \"version\": \"43.3\"}, {\"status\": \"affected\", \"version\": \"43.4\"}, {\"status\": \"affected\", \"version\": \"43.4.1\"}, {\"status\": \"affected\", \"version\": \"43.4.2\"}, {\"status\": \"affected\", \"version\": \"43.5.0\"}, {\"status\": \"affected\", \"version\": \"43.6.0\"}, {\"status\": \"affected\", \"version\": \"43.6.1\"}, {\"status\": \"affected\", \"version\": \"43.7\"}, {\"status\": \"affected\", \"version\": \"43.8\"}, {\"status\": \"affected\", \"version\": \"43.9\"}, {\"status\": \"affected\", \"version\": \"43.10\"}, {\"status\": \"affected\", \"version\": \"43.11\"}, {\"status\": \"affected\", \"version\": \"43.12\"}, {\"status\": \"affected\", \"version\": \"44.1\"}, {\"status\": \"affected\", \"version\": \"44.2\"}, {\"status\": \"affected\", \"version\": \"44.3\"}, {\"status\": \"affected\", \"version\": \"44.4\"}, {\"status\": \"affected\", \"version\": \"44.5\"}, {\"status\": \"affected\", \"version\": \"44.6\"}, {\"status\": \"affected\", \"version\": \"44.7\"}, {\"status\": \"affected\", \"version\": \"44.8\"}, {\"status\": \"affected\", \"version\": \"44.9\"}, {\"status\": \"affected\", \"version\": \"44.10\"}, {\"status\": \"affected\", \"version\": \"44.11\"}, {\"status\": \"affected\", \"version\": \"44.12\"}, {\"status\": \"affected\", \"version\": \"45.1\"}, {\"status\": \"affected\", \"version\": \"45.2\"}, {\"status\": \"affected\", \"version\": \"45.3\"}, {\"status\": \"affected\", \"version\": \"45.4\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL\", \"name\": \"cisco-sa-webex-cui-cert-8jSZYhWL\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.\\r\\n\\r\\nThis vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-295\", \"description\": \"Improper Certificate Validation\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-04-16T19:07:14.461Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20184\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-16T19:07:14.461Z\", \"dateReserved\": \"2025-10-08T11:59:15.394Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-04-15T16:03:59.646Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…