CVE-2025-20215

CWE-295Improper Certificate Validation4 documents4 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 98.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Cisco Webex Meetings
Timeline
PublishedAug 6

Description

A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an unauthenticated, network-proximate attacker to complete a meeting-join process in place of an intended targeted user, provided the requisite conditions were satisfied. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed. This vulnerability existed due to client certificate validation issues. Prior to this vulnerability being addressed, an attac

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:NExploitability: 1.2 | Impact: 4.2

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
Cisco Webex Meeting Client Join Certificate Validation Vulnerability2025-08-06
GHSA
GHSA-7pj3-g359-9mw7: A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an unauthenticated, network-proximate attacker to complet2025-08-06

📋Vendor Advisories

1
Cisco
Cisco Webex Meeting Client Join Certificate Validation Vulnerability2025-08-06
CVE-2025-20215 (MEDIUM CVSS 5.4) | A vulnerability in the meeting-join | cvebase.io