Cisco’s Webex Chat Vulnerabilities Let Attackers Access Organizations Chat Histories


Jan 31, 2025 - 11:14

Cisco’s Webex Chat (formerly known as IMI Chat) was found to have a significant security flaw that exposed the sensitive chat histories of hundreds to thousands of organizations.

The exploit allowed unauthorized attackers to access millions of live customer support messages, potentially compromising sensitive customer and organizational data.

This flaw affected both internal help desk systems and customer-facing environments, raising concerns about data security in enterprise communication tools.

How the Vulnerability Works

Cisco Webex Chat gained prominence as a customer engagement solution following Cisco’s acquisition of IMI Engage (IMI Chat) in 2021. 

By enabling developers to embed live chat widgets into websites and apps via a JavaScript (JS) file and APP_ID, the service streamlined customer-agent interactions. However, in simplifying deployment, the system inadvertently created severe security gaps.


Ophion Security reports that when a user accessed a page containing the Cisco Webex Chat widget, the widget called the /settings endpoint [https://chat-widget.imi.chat/livechats/APP_ID/settings?host=ALLOWED_DOMAIN&$callback=?].

This endpoint returned chat configurations (e.g., window colors, titles) along with a clientKey.

The clientKey was then used across multiple API calls to configure the chat environment and initiate communication.

The issue arose because the clientKey, a publicly retrievable value, was also used as a secretKey in sensitive API calls. For example, during chat session setup, the following API request passed the clientKey in the header as a secret:

[Image: API request passing the clientKey in the header as a secret]

This improper key reuse allowed attackers to list all threads created for a customer by sending a GET request to the same endpoint and extracting thread metadata, including thread IDs and titles.
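The key reuse described above, sketched as an added example (not code from Cisco, Ophion Security or the original article): a handler that accepts the public clientKey as its secret, next to one that requires a server-signed token bound to a single customer. The function names, token format and sample data are assumptions for illustration, and the hardened handler assumes the backend issues the token only after it has established who the visitor is.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample data: none of these values come from Webex Chat.
CLIENT_KEY = "pk_widget_demo"            # public: returned by the settings call
SERVER_SECRET = secrets.token_bytes(32)  # never leaves the backend
THREADS = {"cust-1": ["Reset my password"], "cust-2": ["Invoice question"]}


def list_threads_weak(secret_key_header, customer_id):
    """Flawed check: the only 'secret' is a value every site visitor can read."""
    if secret_key_header != CLIENT_KEY:
        raise PermissionError("bad key")
    return THREADS.get(customer_id, [])


def _mac(payload):
    return hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).hexdigest()


def issue_session_token(customer_id, ttl=900, now=None):
    """Backend mints a short-lived token bound to one customer identity."""
    expires = int((time.time() if now is None else now) + ttl)
    payload = f"{customer_id}|{expires}"
    return f"{payload}|{_mac(payload)}"


def list_threads_hardened(token, customer_id, now=None):
    """Corrected check: verify the MAC, the expiry and the customer binding."""
    try:
        bound_id, expires, mac = token.rsplit("|", 2)
        expires = int(expires)
    except ValueError:
        raise PermissionError("malformed token") from None
    expected = _mac(f"{bound_id}|{expires}")
    # Constant-time comparison on bytes, so odd input cannot raise TypeError.
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        raise PermissionError("bad signature")
    if (time.time() if now is None else now) >= expires:
        raise PermissionError("expired token")
    if bound_id != customer_id:
        raise PermissionError("token not valid for this customer")
    return THREADS.get(customer_id, [])
```

In the weak handler, possession of the public key authorizes a read of any customer's threads; in the hardened one, the same request fails unless the token was minted for that customer and has not expired.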

Retrieving Chat Histories

Further investigation revealed that attackers could exploit another API endpoint designed to retrieve prior chat histories. 

Analysis of the Webex Chat JavaScript file (https://media.imi.chat/widget/js/imichatwidgetv2.js) identified the [https://chat-widget.imi.chat/profile/GetPreviousChatHistory] API endpoint:

[Image: accessing chat history]

The attackers could retrieve the full text of chat conversations, including sensitive information like Personally Identifiable Information (PII), security data (e.g., credentials, internal workflows), and confidential customer-agent exchanges.

Although it took longer than expected, Cisco eventually fixed the issue, but this incident should serve as a warning to the SaaS sector. Regular testing with automated hacker tools will help you secure your company and avoid such exposures.


The post Cisco’s Webex Chat Vulnerabilities Let Attackers Access Organizations Chat Histories appeared first on Cyber Security News.