Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

A critical security bug affecting Cisco’s Unified Contact Center Enterprise (UCCE) portfolio could allow privilege-escalation and platform takeover.

Cisco UCCE is an on-premises customer-service platform capable of supporting up to 24,000 customer-service agents using channels that include inbound voice, outbound voice, outbound interactive voice response (IVR) and digital channels. It also offers a feedback loop via post-call IVR, email and web intercept surveys; and various reporting options to gather information on agent performance to use in establishing metrics and informing business intelligence. It counts some heavy hitters among its users, including T-Mobile USA, according to the product website.

The bug in question (CVE-2022-20658) is a particularly nasty one, with a critical rating of 9.6 out of 10 on the CVSS vulnerability-severity scale, and could allow authenticated, remote attackers to elevate their privileges to administrator, with the ability to create other administrator accounts.

It specifically exists in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) and stems from the fact that the server relies on authentication mechanisms handled by the client side. That opens the door to an attacker modifying the client-side behavior to bypass protection mechanisms.

The CCMP is a management tool that gives contact-center supervisors the ability to move,…
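The weakness the advisory describes, a server deferring its authorization decision to the client, is illustrated below with a hypothetical admin-account handler in its weak form and its server-side hardened form. This is added example code, not Cisco's CCMP/CCDM implementation; the session store, role names, handler names and sample requests are all assumptions.

```python
"""Added illustration of the bug class described above (a server trusting a
client-side authorization decision) next to the server-side check that
closes it. Example code only, not Cisco's CCMP/CCDM implementation;
every name and value is hypothetical."""
from dataclasses import dataclass

# Constructed server-side session store: opaque token -> role assigned at login.
SESSIONS = {"sess-1a2b": "supervisor", "sess-9f8e": "administrator"}


@dataclass
class Request:
    """Minimal HTTP-style request: cookies plus submitted form fields."""
    cookies: dict
    form: dict


def create_admin_vulnerable(req: Request, admins: set) -> bool:
    """Weak pattern: the admin-only action is gated on a role the client
    asserts about itself (a hidden field or script-set flag), so editing
    that field is enough to pass the check."""
    if req.form.get("role") != "administrator":
        return False
    admins.add(req.form["new_admin"])
    return True


def create_admin_hardened(req: Request, admins: set) -> bool:
    """Server-side pattern: the role comes from the session store via an
    opaque token; whatever the client claims about its role is ignored."""
    if SESSIONS.get(req.cookies.get("session", "")) != "administrator":
        return False
    admins.add(req.form["new_admin"])
    return True


def tampered_supervisor_request() -> Request:
    """Constructed: a logged-in supervisor whose client has been altered
    to send role=administrator."""
    return Request(cookies={"session": "sess-1a2b"},
                   form={"role": "administrator", "new_admin": "rogue-admin"})


def legitimate_admin_request() -> Request:
    """Constructed: a request from a genuine administrator session."""
    return Request(cookies={"session": "sess-9f8e"}, form={"new_admin": "new-admin"})
```

Running the tampered supervisor request through both handlers shows the weak one creating the rogue account and the hardened one refusing it, while a genuine administrator session still succeeds against the hardened handler.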