CVE Details
Basic Information
| Title |
CVE-2025-20255 |
| Type |
cve |
| Published |
2025-05-21T17:15:56 |
| Last Seen |
2025-05-21T17:24:49 |
CVSS Information
| Base Score |
4.3 (MEDIUM) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
NONE |
| User Interaction |
REQUIRED |
| Scope |
UNCHANGED |
| Confidentiality Impact |
NONE |
| Integrity Impact |
LOW |
| Availability Impact |
NONE |
AI Analysis
| AI Description |
A vulnerability in Cisco Webex Meetings allows attackers to manipulate cached HTTP responses, potentially causing the service to return incorrect responses to clients. This is due to improper handling of malicious HTTP requests. |
| AI Severity |
Medium |
| Vendor |
Cisco Systems |
| Product |
Cisco Webex Meetings |
| Affected Version |
Unknown |
Additional Information
| CVE List |
CVE-2025-20255 |
| CWE List |
CWE-349 |
| Bulletin Family |
cve |
Description
A vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated, remote attacker to manipulate cached HTTP responses within the meeting join service.
This vulnerability is due to improper handling of malicious HTTP requests to the affected service. An attacker could exploit this vulnerability by manipulating stored HTTP responses within the service, also known as HTTP cache poisoning. A successful exploit could allow the attacker to cause the Webex Meetings service to return incorrect HTTP responses to clients.
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)
View Full CVE Details
