Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Intelligent Proximity SSL Certificate Validation Vulnerability

cisco-sa-proximity-ssl-cert-gBBu3RB · High · Published · Updated

A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section.

The vulnerability is due to a lack of validation of the SSL server certificate received when establishing a connection to a Cisco Webex video device or a Cisco collaboration endpoint. An attacker could exploit this vulnerability by using man-in-the-middle (MITM) techniques to intercept the traffic between the affected client and an endpoint, and then using a forged certificate to impersonate the endpoint. Depending on the configuration of the endpoint, an exploit could allow the attacker to view presentation content shared on it, modify any content being presented by the victim, or have access to call controls.

This vulnerability does not affect cloud registered collaboration endpoints. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-proximity-ssl-cert-gBBu3RB


Workarounds

There are no workarounds that address this vulnerability.

Mitigations

Disabling the Proximity Pairing Feature

The primary purpose of the collaboration endpoints is video and content sharing. Customers that don't require automatic endpoint discovery and connection can disable the Proximity pairing feature.

Disabling the Proximity Pairing Feature on Cisco Webex Video Devices and on Cisco Collaboration Endpoints

Sign in to the endpoint's web interface and navigate to Setup > Configuration, then go to Proximity > Mode. Setting Mode to Off will ensure that all the Proximity features are disabled. Alternatively, the different sub-services can be disabled, which will limit exposure accordingly.

For the Cisco IX5000 Series, navigate to Configuration > Display Frequency and Proximity Sections. Setting Mode to Off will ensure that all the Proximity features are disabled. Alternatively, the different sub-services can be disabled, which will limit exposure accordingly.

Note: Once this feature is disabled on an endpoint, direct interaction with the device is required to use it. The various Proximity clients will not be able to connect to the endpoints. However, this doesn't prevent client software from connecting to other endpoints that might have the feature enabled, thus not fully eliminating the risk of exploitation.

Disabling the Automatic Discovery of Collaboration Endpoints on the Proximity Clients

It is possible to disable the Proximity pairing in Cisco Jabber, Cisco Webex Teams, and Cisco Webex Meetings. The instructions for how to reach the configuration option for each respective client are listed in the Vulnerable Products section of this advisory.

Note: Disabling this feature on the clients will not prevent external guests from connecting to the endpoint, thus not fully eliminating the risk of exploitation.

Migration of the Collaboration Solution to the Cloud

Customers that are entitled to use the cloud registered collaboration solution may migrate their environment from on-premises to cloud registered devices. The Cisco Intelligent Proximity solution for cloud registered devices is not affected by this vulnerability.

CVEs: CVE-2020-3155
Cisco Bug IDs: CSCvr90871
CVSS Score: Base 7.4
CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Jabber IM for Android, Cisco WebEx Meetings Server, Cisco Jabber for Windows, Cisco WebEx Meetings for Android, Cisco WebEx Meetings for Windows Phone 8, Cisco Webex Teams, Cisco Jabber for Mac, Cisco Jabber for iOS, Cisco Meeting App, Cisco Webex Meetings, Cisco WebEx Meetings for iOS, Cisco Proximity, Cisco Webex App

Related Products

| Product | CVE | Evidence |
| --- | --- | --- |
| Cisco Webex Teams | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Webex Meetings | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Webex App | CVE-2020-3155 | Cisco OpenVuln |
| Cisco WebEx Meetings for iOS | CVE-2020-3155 | Cisco OpenVuln |
| Cisco WebEx Meetings for Windows Phone 8 | CVE-2020-3155 | Cisco OpenVuln |
| Cisco WebEx Meetings for Android | CVE-2020-3155 | Cisco OpenVuln |
| Cisco WebEx Meetings Server | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Proximity | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Meeting App | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Jabber for iOS | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Jabber for Windows | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Jabber for Mac | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Jabber IM for Android | CVE-2020-3155 | Cisco OpenVuln |
| Cisco Jabber | CVE-2020-3155 | Cisco OpenVuln |