Cisco warned shoppers lately of a vulnerability in Webex for BroadWorks that might let unauthenticated attackers get admission to credentials remotely.
Webex for BroadWorks integrates Cisco Webex’s video conferencing and collaboration options with the BroadWorks unified communications platform.
Whilst the corporate has but to assign a CVE ID to trace this safety factor, Cisco says in a Tuesday safety advisory that it already driven a configuration trade to deal with the flaw and recommended shoppers to restart their Cisco Webex app to get the repair.
“A low-severity vulnerability in Cisco Webex for BroadWorks Unlock 45.2 may permit an unauthenticated, far flung attacker to get admission to information and credentials if unsecure shipping is configured for the SIP conversation,” Cisco defined.
“A similar factor may permit an authenticated consumer to get admission to credentials in undeniable textual content within the consumer and server logs. A malicious actor may exploit this vulnerability and the similar factor to get admission to information and credentials and impersonate the consumer.”
The vulnerability is led to by means of delicate knowledge uncovered within the SIP headers and handiest impacts Cisco BroadWorks (on-premises) and Cisco Webex for BroadWorks (hybrid cloud/on-premises) cases operating in Home windows environments.
Workaround to be had
The corporate advises admins to configure protected shipping for SIP conversation to encrypt information in transit as a brief workaround till the configuration trade reaches their surroundings.
“Cisco additionally recommends rotating credentials to offer protection to in opposition to the likelihood that the credentials were got by means of a malicious actor,” the corporate added.
It additionally added that its Product Safety Incident Reaction Staff (PSIRT) has no proof of malicious use within the wild or public bulletins sharing additional knowledge in this vulnerability.
On Monday, CISA tagged some other Cisco vulnerability (CVE-2023-20118) patched in January 2023 as actively exploited. This flaw permits attackers to execute arbitrary instructions on Cisco RV016, RV042, RV042G, RV082, RV320, and RV325 VPN routers.
Final month, Recorded Long run’s Insikt Workforce risk analysis department additionally reported that China’s Salt Hurricane hackers had breached extra U.S. telecom suppliers by the use of unpatched Cisco IOS XE community gadgets.