Tag Archives: Cisco authentication flaw

Cisco patches critical authentication flaw in conferencing servers

Hackers could exploit the issue to masquerade as legitimate users.

Cisco patches critical authentication flaw

Credit: Stephen Lawson

Cisco Systems has patched a critical vulnerability that could allow hackers to gain access to Cisco Meeting and Acano servers that are used in enterprise environments for video and audio conferencing.

The flaw allows an unauthenticated attacker to masquerade as a legitimate user because the Extensible Messaging and Presence Protocol (XMPP) service incorrectly processes a deprecated authentication scheme, Cisco said in an advisory.