Cisco has patched an HTTP cache poisoning flaw (CVE-2025-20255) in its Webex Meetings service that could let a remote, unauthenticated attacker manipulate the cached HTTP responses served to other users. The bug was rated with a CVSS score of 4.3 (medium severity).
Cisco Webex Flaw
The issue stemmed from how the Webex Meetings client join services handled crafted HTTP requests. Security researcher Matthew B. Johnson (d3d) discovered and reported the vulnerability, which is classed as an HTTP cache poisoning flaw.
An attacker could use this vulnerability to get a shared cache in front of the service to store an attacker-influenced response, which the cache would then hand to other users requesting the same resource. This could lead to misleading or harmful content being shown to people joining meetings. Cisco has already fixed the problem on its cloud servers, so no customer action is needed.
What is HTTP Cache Poisoning?
HTTP cache poisoning happens when an attacker sends a specially crafted request to a web application sitting behind a shared cache. If the cache stores the resulting response under a key that ordinary users' requests also match, those users receive the attacker's modified content until the entry expires.
In the case of Webex, the attack exploited how the system handled unkeyed inputs in HTTP requests: parts of the request (typically headers) that change the response but are not part of the cache key, so the cache cannot tell a poisoned response apart from a clean one.
Because the vulnerability required no authentication and was low in complexity (the only hurdle was that a victim had to request the poisoned resource), it could have been used widely if not patched quickly.
Technical Details
- Type: HTTP cache poisoning (CWE-349)
- Impact: Integrity (e.g., altered content served to users)
- Attack Complexity: Low
- User Interaction: Required
- Authentication: Not needed
- Affected Product: Cisco Webex Meetings (cloud-based only)
- CVSS Score: 4.3 (Medium)
Cisco has secured its infrastructure, but administrators are encouraged to stay aware of how shared cache systems can be used in attacks like this.
Mitigation
Cisco has already fixed this vulnerability in its cloud-based Webex Meetings platform, so users don’t need to take any action. According to Cisco’s advisory, “No user action is required,” and there are no available workarounds.
Cisco’s security team also confirmed that there was no sign of the bug being exploited in the wild.
Because the fix was applied to Cisco's cloud service, there is no customer-side update to install; organizations that front Webex traffic with their own caching proxies should nevertheless review how those caches key responses.
For extra protection against similar cache poisoning issues, security experts recommend validating all user inputs (especially HTTP headers that influence the response), configuring web caches so that every input that affects a response is part of the cache key, and using HTTP response headers such as Vary to tell caches which request headers a response depends on.
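The following Python model, added here as an illustration and not code from Cisco or from the advisory, shows both the unkeyed-input problem described above and the two defences just listed. It uses a hypothetical X-Forwarded-Host header as the unkeyed input (the advisory does not say which input was abused in Webex), an origin that reflects that header into a script URL, and a simulated shared cache that keys only on the path. The same cache is then run with an origin that sets Vary, and with an origin that validates the header against an allowlist. All requests, hosts and responses are constructed for the example.

```python
"""Toy model of web-cache poisoning through an unkeyed request header.

Constructed illustration: an origin that reflects a hypothetical
X-Forwarded-Host header into a script URL, a shared cache keyed only on the
request path, and two hardened variants (Vary and header validation).
"""
from dataclasses import dataclass

TRUSTED_HOSTS = {"meetings.example.test"}  # constructed allowlist


@dataclass(frozen=True)
class Request:
    path: str
    headers: dict  # header names are assumed lower-cased


@dataclass
class Response:
    body: str
    headers: dict


def origin_vulnerable(req: Request) -> Response:
    """Origin that trusts X-Forwarded-Host when building an absolute URL.

    The header is attacker-controlled and reflected unchanged: this is the
    unkeyed input that a path-keyed cache cannot distinguish.
    """
    host = req.headers.get("x-forwarded-host", "meetings.example.test")
    body = f'<script src="https://{host}/join.js"></script>'
    return Response(body, {"Cache-Control": "public, max-age=600"})


def origin_with_vary(req: Request) -> Response:
    """Same reflection, but the response declares what it depends on."""
    resp = origin_vulnerable(req)
    resp.headers["Vary"] = "X-Forwarded-Host"
    return resp


def origin_validating(req: Request) -> Response:
    """Ignores the header unless its value is on the allowlist."""
    host = req.headers.get("x-forwarded-host", "meetings.example.test")
    if host not in TRUSTED_HOSTS:
        host = "meetings.example.test"
    body = f'<script src="https://{host}/join.js"></script>'
    return Response(body, {"Cache-Control": "public, max-age=600"})


class SharedCache:
    """Path-keyed cache that can optionally honour the Vary header."""

    def __init__(self, backend, honour_vary: bool):
        self.backend = backend
        self.honour_vary = honour_vary
        # path -> list of (varied header values, stored response)
        self.entries = {}
        self.origin_hits = 0

    def get(self, req: Request) -> Response:
        for varied, resp in self.entries.get(req.path, []):
            # With no Vary, 'varied' is empty and every request matches.
            if all(req.headers.get(n) == v for n, v in varied.items()):
                return resp
        resp = self.backend(req)
        self.origin_hits += 1
        varied = {}
        if self.honour_vary:
            for name in resp.headers.get("Vary", "").split(","):
                name = name.strip().lower()
                if name:
                    varied[name] = req.headers.get(name)
        self.entries.setdefault(req.path, []).append((varied, resp))
        return resp


SCENARIOS = {
    "vulnerable": (origin_vulnerable, False),
    "vary": (origin_with_vary, True),
    "validate": (origin_validating, False),
}


def serve_victim(scenario: str) -> str:
    """Attacker primes the cache, then a clean victim request follows."""
    backend, honour_vary = SCENARIOS[scenario]
    cache = SharedCache(backend, honour_vary)
    attacker = Request("/join", {"x-forwarded-host": "attacker.example.test"})
    victim = Request("/join", {})  # victim sends no such header
    cache.get(attacker)
    return cache.get(victim).body


def victim_is_poisoned(scenario: str) -> bool:
    return "attacker.example.test" in serve_victim(scenario)


if __name__ == "__main__":
    for name in SCENARIOS:
        print(f"{name:10s} poisoned={victim_is_poisoned(name)}")
```

Running the block shows the path-keyed cache handing the attacker's script URL to the victim, while the Vary variant stores the two responses under separate keys and the validating variant never produces a poisoned response in the first place. Validation is the stronger fix: Vary only works if every cache on the path honours it, and it still lets the attacker fill the cache with per-header entries.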