Vulnerability in Cisco Broadworks_application_delivery_platform
CVE-2023-20210
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An att…
EPSS: 0.002 (9.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N.
Affected products
- Cisco Broadworks_application_delivery_platform
- Cisco Broadworks_application_delivery_platform_firmware — versions 23.0, 24.0, 25.0
- Cisco Broadworks_application_server
- Cisco Broadworks_application_server_firmware — versions 23.0, 24.0, 25.0
- Cisco Broadworks_database_server
- Cisco Broadworks_database_server_firmware — versions 23.0, 24.0, 25.0
- Cisco Broadworks_database_troubleshooting_server
- Cisco Broadworks_database_troubleshooting_server_firmware — versions 23.0, 24.0, 25.0
- Cisco Broadworks_execution_server
- Cisco Broadworks_execution_server_firmware — versions 23.0, 24.0, 25.0
Weakness classification (CWE)
References
- psirt@cisco.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2023-20210?
- CVE-2023-20210 is a medium-severity vulnerability in Cisco Broadworks_application_delivery_platform, classified under CWE-250. CVSS score: 6.0/10. Published 2023-07-12.
- How severe is CVE-2023-20210?
- Medium severity. CVSS v3 base score is 6.0 out of 10.