CVE-2025-20255

Name of the Vulnerable Software and Affected Versions Cisco Webex Meetings (affected versions not specified)

Description A flaw exists in the client join services of Cisco Webex Meetings that could allow a remote, unauthenticated attacker to manipulate cached HTTP responses within the service. This issue stems from improper handling of malicious HTTP requests. An attacker could exploit this by manipulating stored HTTP responses, a technique known as HTTP cache poisoning. Successful exploitation may allow an attacker to cause the Webex Meetings service to return incorrect HTTP responses to clients. The vulnerability involves loading external, untrusted data along with trusted data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.