Improper certificate validation in Cisco Webex SSO integration. An unauthenticated remote attacker could supply a crafted token to the SSO endpoint and impersonate a legitimate Webex user.
Per the NVD entry, an attacker could exploit this vulnerability by connecting to a Cisco Webex service endpoint and supplying a crafted token. A successful exploit allowed the attacker to gain unauthorised access to legitimate Cisco Webex services and impersonate any user within the service. The advisory is recorded as 'cisco-sa-webex-cui-cert-8jSZYhWL' in Cisco's Security Center; it is fixed in current Webex builds.
Detection coverage for this CVE follows the techniques an attacker would exercise. The actionable Sigma rules + DCV coverage data live on the linked technique pages.
CVE-specific Sigma rule generation is under integrity review. See our integrity contract for what we publish today and what graduates next.