CVE-2023-20255

Name of the Vulnerable Software and Affected Versions Cisco Meeting Server (affected versions not specified)

Description The issue is related to insufficient validation of HTTP requests in the Web Bridge feature of Cisco Meeting Server, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This could lead to a partial availability condition, causing ongoing video calls to be dropped due to invalid packets reaching the Web Bridge. An attacker could exploit this by sending crafted HTTP packets to an affected device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.