PRIOn knowledge base: PRION:CVE-2022-20958
History: Nov 04, 2022 - 6:15 p.m.

Server-side request forgery (SSRF)

2022-11-04 18:15:00
PRIOn knowledge base
www.prio-n.com
cisco broadworks
commpilot
ssrf
http requests
vulnerability
unauthenticated attackers

AI Score: 8.4 High (Confidence: High)

EPSS: 0.002 Low (Percentile: 59.0%)

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other devices on the network.


CPE
Name: broadworks_commpilot_application
Operator: lt
Version: 23.0
