Cisco Webex Security Flaws: Two New Ways to Stress Test Your IT Team

Cisco Webex App vulnerabilities could expose session tokens and credentials. Attackers might exploit these flaws by intercepting insecure transmissions. Cisco has released updates, but no workarounds are available. Stay updated and secure!

1P
Published: July 17, 2024 4:19 pmAdded: July 17, 2024 at 9:56 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Just when you thought your virtual meetings couldn’t get any more awkward, along comes Cisco Webex with vulnerabilities that make your session tokens and credentials easier to grab than the last donut at a staff meeting. Time to update those apps, folks!

Key Points:

  • Cisco Webex App has two distinct vulnerabilities: CVE-2024-20395 and CVE-2024-20396.
  • Both vulnerabilities allow an attacker to gain unauthorized access to sensitive information.
  • Exploitation of one vulnerability is not a prerequisite for exploiting the other.
  • There are no workarounds; Cisco has released software updates to address these issues.
  • Security Impact Ratings: Medium; CVSS Scores: 6.4 and 5.3 respectively.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?