← voltar
CVE-2023-20210

CVE-2023-20210

CVSS 6 MEDIUMEPSS 0.2%CWE-250
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 jul 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Produtos afetados
Cisco · Cisco BroadWorks

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW