A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device.
The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.
References
Link | Resource |
---|---|
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
History
25 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-250 |
21 Jul 2023, 16:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco broadworks Webrtc Server Firmware
Cisco broadworks Application Server Cisco broadworks Profile Server Cisco broadworks Xtended Services Platform Cisco broadworks Service Control Function Server Firmware Cisco broadworks Profile Server Firmware Cisco broadworks Database Troubleshooting Server Cisco broadworks Application Delivery Platform Cisco broadworks Application Server Firmware Cisco broadworks Messaging Server Firmware Cisco broadworks Network Server Firmware Cisco broadworks Execution Server Cisco broadworks Webrtc Server Cisco broadworks Application Delivery Platform Firmware Cisco broadworks Video Server Cisco broadworks Network Function Manager Firmware Cisco broadworks Network Database Server Firmware Cisco broadworks Messaging Server Cisco broadworks Sharing Server Firmware Cisco broadworks Media Server Firmware Cisco broadworks Network Function Manager Cisco broadworks Network Server Cisco broadworks Video Server Firmware Cisco broadworks Database Troubleshooting Server Firmware Cisco broadworks Database Server Cisco Cisco broadworks Xtended Services Platform Firmware Cisco broadworks Service Control Function Server Cisco broadworks Execution Server Firmware Cisco broadworks Sharing Server Cisco broadworks Media Server Cisco broadworks Network Database Server Cisco broadworks Database Server Firmware |
|
CPE | cpe:2.3:o:cisco:broadworks_network_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_messaging_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_application_delivery_platform_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_messaging_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_database_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_service_control_function_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_profile_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_database_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_application_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_media_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_media_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_function_manager_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_service_control_function_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_sharing_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_execution_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_service_control_function_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_video_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_xtended_services_platform_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_database_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_database_troubleshooting_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_database_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_database_troubleshooting_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_application_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_application_delivery_platform:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_profile_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_application_delivery_platform_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_video_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_profile_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_service_control_function_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_messaging_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_profile_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_application_delivery_platform_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_database_troubleshooting_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_webrtc_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_execution_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_webrtc_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_database_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_xtended_services_platform_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_media_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_database_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_database_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_sharing_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_function_manager_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_application_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_xtended_services_platform_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_database_troubleshooting_server:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_execution_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_messaging_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_webrtc_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_application_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_media_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_network_function_manager:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_webrtc_server_firmware:23.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_sharing_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_sharing_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_execution_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_video_server_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_video_server_firmware:25.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_network_server:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:broadworks_network_function_manager_firmware:24.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_network_database_server:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:broadworks_xtended_services_platform:-:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.0 |
References | (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW - Vendor Advisory |
12 Jul 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-12 14:15
Updated : 2024-01-25 17:15
NVD link : CVE-2023-20210
Mitre link : CVE-2023-20210
CVE.ORG link : CVE-2023-20210
JSON object : View
Products Affected
cisco
- broadworks_application_server
- broadworks_xtended_services_platform
- broadworks_video_server_firmware
- broadworks_webrtc_server_firmware
- broadworks_execution_server_firmware
- broadworks_media_server_firmware
- broadworks_network_server
- broadworks_service_control_function_server
- broadworks_xtended_services_platform_firmware
- broadworks_service_control_function_server_firmware
- broadworks_application_delivery_platform_firmware
- broadworks_messaging_server
- broadworks_application_delivery_platform
- broadworks_network_database_server
- broadworks_video_server
- broadworks_database_server_firmware
- broadworks_execution_server
- broadworks_network_function_manager_firmware
- broadworks_messaging_server_firmware
- broadworks_network_database_server_firmware
- broadworks_webrtc_server
- broadworks_media_server
- broadworks_application_server_firmware
- broadworks_database_server
- broadworks_database_troubleshooting_server
- broadworks_profile_server
- broadworks_sharing_server
- broadworks_network_function_manager
- broadworks_database_troubleshooting_server_firmware
- broadworks_sharing_server_firmware
- broadworks_network_server_firmware
- broadworks_profile_server_firmware
CWE