AI description
CVE-2025-20255 is a vulnerability found in the client join services of Cisco Webex Meetings. This flaw allows an unauthenticated, remote attacker to manipulate cached HTTP responses within the meeting join service. The root cause of this vulnerability is the improper handling of malicious HTTP requests by the affected service. An attacker can exploit this vulnerability through a technique known as HTTP cache poisoning, where they manipulate stored HTTP responses. A successful exploit could result in the Webex Meetings service delivering incorrect HTTP responses to clients attempting to join meetings.
- Description
- A vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated, remote attacker to manipulate cached HTTP responses within the meeting join service. This vulnerability is due to improper handling of malicious HTTP requests to the affected service. An attacker could exploit this vulnerability by manipulating stored HTTP responses within the service, also known as HTTP cache poisoning. A successful exploit could allow the attacker to cause the Webex Meetings service to return incorrect HTTP responses to clients.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- webex_meetings
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
- psirt@cisco.com
- CWE-349
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
3
Yay, I did a thing for @Oracle knowing they were collaborating with @Akamai and I was applying for a job at Akamai, so I knew it couldn't hurt my chances. 🥰 Same with the Webex CVE-2025-20255 (I forgot about this CVE tbh🤣). TL;DR - I love hacking. 😜 https://t.co/fnLbDX
@deadvolvo
14 Feb 2026
1389 Impressions
2 Retweets
27 Likes
1 Bookmark
0 Replies
0 Quotes
Threat Alert: Cisco Webex Meetings Vulnerability Allows Attackers to Manipulate HTTP Responses CVE-2025-20255 Severity: 🟡 Medium Maturity: 🧨 Trending Learn more: https://t.co/Q34gAfBldo #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
23 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20255 A vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated, remote attacker to manipulate cached HTTP responses within the meeting… https://t.co/XMb47DX7LU
@CVEnew
21 May 2025
280 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_meetings:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81774C03-0884-44C6-80EF-DC882BF44C84"
}
],
"operator": "OR"
}
]
}
]