Lucene search
K

208 matches found

BDU FSTEC
BDU FSTEC
added 2023/08/01 12:0 a.m.6 views

The vulnerability of Cisco BroadWorks server software arises from the lack of measures taken to neutralize specific elements, allowing attackers to elevate their privileges to the root level.

The vulnerability of Cisco BroadWorks server software exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...

6CVSS6.2AI score0.00192EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/28 12:0 a.m.6 views

The vulnerability of Cisco BroadWorks server software, related to deficiencies in access control, allows a perpetrator to elevate their privileges to the root level.

The vulnerability of Cisco BroadWorks server software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level by verifying their identity as a user with the role of BWORKS or BWSUPERADMIN...

6.7CVSS7.2AI score0.00148EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/20 12:0 a.m.4 views

PT-2023-3935 · Cisco · Cisco Broadworks

Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks affected versions not specified Description: A vulnerability in the privilege management functionality could allow an authenticated, local attacker to elevate privileges to root on an affected system. This issue is due to...

7.8CVSS7.6AI score0.00148EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/07/20 12:0 a.m.6 views

Cisco BroadWorks 安全漏洞

Cisco BroadWorks is a carrier-grade unified communications software platform from Cisco. It is used to deploy cloud calls from public network platforms on any type of wired or wireless network architecture. A security vulnerability exists in Cisco BroadWorks that stems from a flaw in the privileg...

7.8CVSS7.3AI score0.00148EPSS
Exploits0References3
Cisco
Cisco
added 2023/07/19 4:0 p.m.30 views

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploi...

4.4CVSS7.8AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2023/07/12 2:15 p.m.20 views

CVE-2023-20210

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS6.2AI score0.00192EPSS
Exploits0References1
OSV
OSV
added 2023/07/12 2:15 p.m.4 views

CVE-2023-20210

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS5.9AI score0.00192EPSS
Exploits0References1
Prion
Prion
added 2023/07/12 2:15 p.m.17 views

Input validation

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

2.9CVSS6.2AI score0.00192EPSS
Exploits0References1Affected Software16
CVE
CVE
added 2023/07/12 1:53 p.m.50 views

CVE-2023-20210

CVE-2023-20210 affects Cisco BroadWorks. The issue is caused by insufficient input validation in the operating system CLI, enabling an authenticated, local attacker with BroadWorks admin privileges to execute commands as the root user on the affected device. The exploit requires crafting a comman...

6CVSS6.2AI score0.00192EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.4 views

Cisco BroadWorks 安全漏洞

Cisco BroadWorks is a carrier-grade unified communications software platform from Cisco. It is used to deploy cloud calls from public network platforms on any type of wired or wireless network architecture. A security vulnerability exists in Cisco BroadWorks that stems from insufficient input...

6CVSS6.4AI score0.00192EPSS
Exploits0References3
Cisco
Cisco
added 2023/07/05 4:0 p.m.22 views

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS6.2AI score0.00192EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/05/04 12:0 a.m.6 views

The vulnerability of the Cisco BroadWorks Network Server, related to improper management of internal resources, allows a attacker to execute a DoS attack.

The vulnerability of the Cisco BroadWorks Network Server is related to improper management of internal resources within the application when handling large delegations. Exploiting this vulnerability can allow a malicious actor to carry out a DoS attack...

8.6CVSS5.5AI score0.00914EPSS
Exploits0References2Affected Software1
CISA
CISA
added 2023/04/21 12:0 p.m.4 views

Cisco Releases Security Advisories for Multiple Products

Cisco has released security updates for vulnerabilities affecting Industrial Network Director IND, Modeling Labs, StarOS Software, and BroadbandWorks Network Server. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

7.8AI score
Exploits0References8
Cisco
Cisco
added 2023/04/19 4:0 p.m.33 views

Cisco BroadWorks Network Server TCP Denial of Service Vulnerability

A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service DoS condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An...

8.6CVSS8.4AI score0.00914EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/19 12:0 a.m.5 views

PT-2023-2561 · Cisco · Cisco Broadworks Network Server

Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks Network Server affected versions not specified Description: The issue is related to improper management of internal resources within the application when handling large delegations, which could allow a remote attacker to caus...

8.6CVSS7.4AI score0.00914EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.4 views

The vulnerability in the web interface for managing Cisco BroadWorks Application Server, Cisco BroadWorks Xtended Services Platform, and BroadWorks Application Delivery Platform allows a attacker to carry out cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco BroadWorks Application Server, Cisco BroadWorks Xtended Services Platform, and BroadWorks Application Delivery Platform exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a...

6.4CVSS6AI score0.00588EPSS
Exploits0References4
OSV
OSV
added 2023/01/20 7:15 a.m.5 views

CVE-2023-20020

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...

8.6CVSS7.3AI score0.00861EPSS
Exploits0References1
NVD
NVD
added 2023/01/20 7:15 a.m.34 views

CVE-2023-20020

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...

8.6CVSS8.5AI score0.00861EPSS
Exploits0References1
OSV
OSV
added 2023/01/20 7:15 a.m.3 views

CVE-2023-20019

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

6.1CVSS6.6AI score0.00588EPSS
Exploits0References1
NVD
NVD
added 2023/01/20 7:15 a.m.22 views

CVE-2023-20019

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

6.1CVSS6AI score0.00588EPSS
Exploits0References1
Rows per page
Query Builder