Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely.
Webex for BroadWorks integrates Cisco Webex's video conferencing and collaboration features with the BroadWorks unified communications platform.
While the company has yet to assign a CVE ID to track this security issue, Cisco says in a Tuesday security advisory that it already pushed a configuration change to address the flaw and advised customers to restart their Cisco Webex app to get the fix.
“A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 may permit an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for the SIP communication,” Cisco explained.
“A related issue may permit an authenticated user to access credentials in plain text in the client and server logs. A malicious actor may exploit this vulnerability and the related issue to access data and credentials and impersonate the user.”
The vulnerability is caused by sensitive information exposed in the SIP headers and only impacts Cisco BroadWorks (on-premises) and Cisco Webex for BroadWorks (hybrid cloud/on-premises) instances running in Windows environments.
Workaround available
The company advises admins to configure secure transport for SIP communication to encrypt data in transit as a temporary workaround until the configuration change reaches their environment.
“Cisco also recommends rotating credentials to protect against the possibility that the credentials have been acquired by a malicious actor,” the company added.
It also added that its Product Security Incident Response Team (PSIRT) has no evidence of malicious use in the wild or public announcements sharing further information on this vulnerability.
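For admins checking their exposure before the configuration change arrives, the following added example (not from Cisco's advisory or the original article) audits a SIP trace or log excerpt for credential-bearing headers sent over non-TLS transport and masks those headers before a log is stored. It assumes the standard RFC 3261 `Authorization` and `Proxy-Authorization` headers, which the advisory does not name; the sample messages, addresses and function names are constructed.

```python
import re

# Assumption: credentials travel in RFC 3261 digest-auth headers; the advisory
# does not say which SIP headers are affected.
CRED_HEADERS = {"authorization", "proxy-authorization"}
VIA_RE = re.compile(r"^SIP\s*/\s*2\.0\s*/\s*(\w+)", re.IGNORECASE)
CRED_LINE_RE = re.compile(r"(?im)^((?:proxy-)?authorization[ \t]*:)[^\r\n]*")

# Constructed sample: two body-less SIP requests as they might appear in a log.
SAMPLE_LOG = (
    "REGISTER sip:example.invalid SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK1\r\n"
    'Authorization: Digest username="alice", realm="example.invalid", '
    'nonce="abc", response="0123456789abcdef"\r\n'
    "Content-Length: 0\r\n\r\n"
    "REGISTER sips:example.invalid SIP/2.0\r\n"
    "v: SIP/2.0/TLS 192.0.2.11:5061;branch=z9hG4bK2\r\n"
    'Authorization: Digest username="bob", realm="example.invalid", '
    'nonce="def", response="fedcba9876543210"\r\n'
    "Content-Length: 0\r\n\r\n"
)

def parse_messages(text):
    """Split blank-line-separated SIP messages into (start_line, headers)."""
    messages = []
    for block in re.split(r"\r?\n\r?\n", text.strip()):
        lines, headers = block.splitlines(), []
        for line in lines[1:]:
            if line[:1] in (" ", "\t") and headers:   # folded continuation line
                headers[-1] = (headers[-1][0], headers[-1][1] + " " + line.strip())
            elif ":" in line:
                name, value = line.split(":", 1)
                headers.append((name.strip().lower(), value.strip()))
        messages.append((lines[0], headers))
    return messages

def audit(text):
    """List messages that carry credential headers over a non-TLS transport."""
    findings = []
    for start, headers in parse_messages(text):
        vias = [v for n, v in headers if n in ("via", "v")]  # "v" is the compact form
        m = VIA_RE.match(vias[0]) if vias else None
        transport = m.group(1).upper() if m else "UNKNOWN"
        exposed = sorted({n for n, _ in headers if n in CRED_HEADERS})
        if exposed and transport not in ("TLS", "WSS"):
            findings.append({"request": start, "transport": transport, "headers": exposed})
    return findings

def redact(text):
    """Mask credential header values so they are not kept in plain text in logs."""
    return CRED_LINE_RE.sub(r"\1 [REDACTED]", text)
```

Only the topmost `Via` hop is checked, so a message that crossed an unencrypted hop earlier in its path needs the remaining `Via` entries reviewed as well.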
On Monday, CISA tagged another Cisco vulnerability (CVE-2023-20118) patched in January 2023 as actively exploited. This flaw allows attackers to execute arbitrary commands on Cisco RV016, RV042, RV042G, RV082, RV320, and RV325 VPN routers.
Last month, Recorded Future's Insikt Group threat research division also reported that China's Salt Typhoon hackers had breached more U.S. telecom providers via unpatched Cisco IOS XE network devices.