Severity
Medium
Analysis Summary
CVE-2023-20210
Cisco BroadWorks could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation by the operating system CLI. By sending a specially crafted request, an attacker could exploit this vulnerability to execute commands as the root user.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-20210
Affected Vendors
Cisco
Affected Products
- Cisco BroadWorks Application Server
- Cisco BroadWorks CommPilot Application Software
- Cisco BroadWorks Application Delivery Platform Software
- Cisco BroadWorks Hosted Thin Receptionist
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.