![[The AI Show Episode 148]: Microsoft’s Quiet AI Layoffs, US Copyright Office’s Bombshell AI Guidance, 2025 State of Marketing AI Report, and OpenAI Codex](https://www.marketingaiinstitute.com/hubfs/ep%20148%20cover%20%281%29.png)
![[The AI Show Episode 146]: Rise of “AI-First” Companies, AI Job Disruption, GPT-4o Update Gets Rolled Back, How Big Consulting Firms Use AI, and Meta AI App](https://www.marketingaiinstitute.com/hubfs/ep%20146%20cover.png)
![[DEALS] Babbel Language Learning: Lifetime Subscription (All Languages) (71% off) & Other Deals Up To 98% Off – Offers End Soon!](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
.png?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#)
![Borderlands 4 Boss Says 'A Real Fan' Will Pay $80 For Games [Update]](https://i.kinja-img.com/image/upload/c_fill,h_675,pg_1,q_80,w_1200/086e4654c281e40d12b833591d2c6fdc.jpg)
_Constantine_Soutiaguin-Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![Nomad levels up its best-selling charger with new 100W slim adapter [Hands-on]](https://i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2025/05/100w-FI.jpg.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![Google just showed off Android Auto’s upcoming light theme [Gallery]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2025/05/android-auto-light-theme-documentation-2.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![Jony Ive and OpenAI Working on AI Device With No Screen [Kuo]](https://www.iclarified.com/images/news/97401/97401/97401-640.jpg)
![Anthropic Unveils Claude 4 Models That Could Power Apple Xcode AI Assistant [Video]](https://www.iclarified.com/images/news/97407/97407/97407-640.jpg)
![Apple Leads Global Wireless Earbuds Market in Q1 2025 [Chart]](https://www.iclarified.com/images/news/97394/97394/97394-640.jpg)
Cisco Webex Meetings Vulnerability Let Attackers Manipulate HTTP Responses
Cisco disclosed a security vulnerability (CVE-2025-20255) affecting its Webex Meetings service that could allow remote attackers to manipulate cached HTTP responses. The vulnerability, assigned a CVSS score of 4.3 (Medium severity), stems from improper handling of malicious HTTP requests in the client join services component. Security researcher Matthew B. Johnson (d3d) is credited with discovering […] The post Cisco Webex Meetings Vulnerability Let Attackers Manipulate HTTP Responses appeared first on Cyber Security News.
Cisco disclosed a security vulnerability (CVE-2025-20255) affecting its Webex Meetings service that could allow remote attackers to manipulate cached HTTP responses.
The vulnerability, assigned a CVSS score of 4.3 (Medium severity), stems from improper handling of malicious HTTP requests in the client join services component.
Security researcher Matthew B. Johnson (d3d) is credited with discovering and reporting this HTTP cache poisoning vulnerability to Cisco.
The vulnerability enables unauthenticated attackers to exploit cache behavior to serve malicious content to Webex users. Cisco has already addressed the issue in its cloud-based platform, requiring no action from customers using the service.
Understanding HTTP Cache Poisoning Attacks
HTTP cache poisoning is an advanced attack technique where malicious actors exploit how web servers and caches process requests to deliver harmful content to multiple users.
The attack involves two critical phases: first, the attacker must trigger a response from the back-end server containing a dangerous payload; second, they must ensure this compromised response is cached and subsequently served to intended victims.
The vulnerability in Webex Meetings specifically involves manipulating unkeyed inputs in HTTP requests. Web caches identify resources using specific request components (known as the cache key) while ignoring unkeyed inputs.
When these unkeyed inputs affect the generated response but aren’t part of the cache decision-making process, attackers can inject payloads that alter responses for all users accessing the same cached resource.
A successful cache poisoning attack against Webex could potentially impact numerous users without requiring additional interaction from the attacker.
As security experts explained, “The poisoned response will only be served to users who visit the affected page while the cache is poisoned.”
Technical Exploitation
The Webex vulnerability (CWE-349) allows attackers to manipulate HTTP responses by exploiting how the service handles malicious HTTP requests.
Unlike traditional cross-site scripting attacks that target individual users, cache poisoning attacks leverage shared caching infrastructure to amplify impact.
The attack vector requires no authentication (AV:N) and has low attack complexity (AC: L), though it does require user interaction (UI:R) to complete the exploit chain.
The advisory indicates that while the vulnerability allows for integrity impacts (I:L), no confidentiality (C:N) or availability (A:N) concerns were reported.
Attackers could potentially force the Webex Meetings service to return incorrect HTTP responses to clients joining meetings.
This could lead to various security issues, including session disruption or potentially more severe consequences if chained with other vulnerabilities.
Risk Factors Details Affected Products Cisco Webex Meetings (cloud-based service; no on-premises systems impacted) Impact Integrity compromise via HTTP cache poisoning, enabling manipulated responses to clients Exploit Prerequisites No privileges required CVSS 3.1 Score 4.3 (Medium)
Mitigation
Cisco has already addressed the vulnerability in its cloud-based Webex Meetings service, with no customer action required for remediation.
According to the security advisory, “No user action is required” and “There are no workarounds that address this vulnerability”.
The Cisco Product Security Incident Response Team (PSIRT) reported no evidence of public exploitation of this vulnerability at the time of disclosure.
Organizations using Cisco Webex Meetings should ensure they’re using the latest version of the service, which already includes the fix.
Security experts recommend several preventive measures for organizations concerned about web cache poisoning vulnerabilities: validate and sanitize all user inputs, especially HTTP headers; ensure proper cache configuration; and consider implementing response headers like Vary to control caching behavior.
Equip your SOC team with deep threat analysis for faster response -> Get Extra Sandbox Licenses for Free
The post Cisco Webex Meetings Vulnerability Let Attackers Manipulate HTTP Responses appeared first on Cyber Security News.
