CVE-2023-20238 - Vulnerability Details

A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system.

This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account. If that account is an Administrator account, the attacker would have the ability to view confidential information, modify customer settings, or modify settings for other users. To exploit this vulnerability, the attacker would need a valid user ID that is associated with an affected Cisco BroadWorks system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.30707.

Exploitation none

Automatable yes

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco BroadWorks

affected

Version	Status	Constraints
`23.0`	affected	—
`23.0 ap383785`	affected	—
`23.0 ap382487`	affected	—
`23.0 ap381781`	affected	—
`23.0 ap360007`	affected	—
`23.0 ap369295`	affected	—
`23.0 ap366358`	affected	—
`23.0 ap366677`	affected	—
`23.0 ap366803`	affected	—
`23.0 ap363128`	affected	—
`23.0 ap369529`	affected	—
`23.0 ap368445`	affected	—
`23.0 ap369227`	affected	—
`23.0 ap367332`	affected	—
`23.0 ap369881`	affected	—
`23.0 ap367874`	affected	—
`23.0 ap367974`	affected	—
`23.0 ap367998`	affected	—
`23.0 ap372337`	affected	—
`23.0 ap372706`	affected	—
`23.0 ap370193`	affected	—
`23.0 ap372389`	affected	—
`23.0 ap372708`	affected	—
`23.0 ap370911`	affected	—
`23.0 ap371681`	affected	—
`23.0 ap370952`	affected	—
`23.0 ap371436`	affected	—
`23.0 ap371155`	affected	—
`23.0 ap371682`	affected	—
`23.0 ap371775`	affected	—
`23.0 ap375449`	affected	—
`23.0 ap375720`	affected	—
`23.0 ap375661`	affected	—
`23.0 ap375097`	affected	—
`23.0 ap373562`	affected	—
`23.0 ap373015`	affected	—
`23.0 ap374971`	affected	—
`23.0 ap373034`	affected	—
`23.0 ap374324`	affected	—
`23.0 ap373899`	affected	—
`23.0 ap376041`	affected	—
`23.0 ap375003`	affected	—
`23.0 ap373539`	affected	—
`23.0 ap376179`	affected	—
`23.0 ap373299`	affected	—
`23.0 ap375908`	affected	—
`23.0 ap373391`	affected	—
`23.0 ap376252`	affected	—
`23.0 ap376429`	affected	—
`23.0 ap376410`	affected	—
`23.0 ap376426`	affected	—
`23.0 ap376485`	affected	—
`23.0 ap376620`	affected	—
`23.0 ap378025`	affected	—
`23.0 ap376671`	affected	—
`23.0 ap376614`	affected	—
`23.0 ap377578`	affected	—
`23.0 ap377516`	affected	—
`23.0 ap377515`	affected	—
`23.0 ap377494`	affected	—
`23.0 ap377984`	affected	—
`23.0 ap378863`	affected	—
`23.0 ap378882`	affected	—
`23.0 ap378218`	affected	—
`23.0 ap380161`	affected	—
`23.0 ap378257`	affected	—
`23.0 ap379888`	affected	—
`23.0 ap379326`	affected	—
`23.0 ap377149`	affected	—
`23.0 ap380446`	affected	—
`23.0 ap380180`	affected	—
`23.0 ap376935`	affected	—
`23.0 ap380473`	affected	—
`23.0 ap381091`	affected	—
`23.0 ap380783`	affected	—
`23.0 ap380537`	affected	—
`23.0 ap380512`	affected	—
`23.0 ap381072`	affected	—
`23.0 ap381584`	affected	—
`23.0 ap381088`	affected	—
`23.0 ap382053`	affected	—
`23.0 ap382253`	affected	—
`23.0 ap382709`	affected	—
`23.0 ap382717`	affected	—
`23.0 ap381498`	affected	—
`23.0 ap382992`	affected	—
`23.0 ap383594`	affected	—
`23.0 ap383168`	affected	—
`23.0 ap382362`	affected	—
`23.0 ap384431`	affected	—
`23.0 ap384428`	affected	—
`22.0`	affected	—
`22.0 ap375345`	affected	—
`22.0 ap382358`	affected	—
`22.0 ap347741`	affected	—
`22.0 ap377577`	affected	—
`22.0 ap372243`	affected	—
`22.0 ap372504`	affected	—
`22.0 ap360116`	affected	—
`22.0 ap368125`	affected	—
`22.0 ap367732`	affected	—
`22.0 ap357506`	affected	—
`22.0 ap380486`	affected	—
`22.0 ap379780`	affected	—
`22.0 ap351263`	affected	—
`22.0 ap366916`	affected	—
`22.0 ap363363`	affected	—
`22.0 ap374507`	affected	—
`22.0 ap372845`	affected	—
`22.0 ap373684`	affected	—
`22.0 ap366898`	affected	—
`22.0 ap368180`	affected	—
`22.0 ap366882`	affected	—
`22.0 ap369774`	affected	—
`22.0 ap374269`	affected	—
`22.0 ap365223`	affected	—
`22.0 ap359972`	affected	—
`22.0 ap359433`	affected	—
`22.0 ap359991`	affected	—
`22.0 ap358357`	affected	—
`22.0 ap360244`	affected	—
`22.0 ap369931`	affected	—
`22.0 ap367874`	affected	—
`22.0 ap376710`	affected	—
`22.0 ap342836`	affected	—
`22.0 ap346307`	affected	—
`22.0 ap345032`	affected	—
`22.0 ap354070`	affected	—
`22.0 ap354069`	affected	—
`22.0 ap353915`	affected	—
`22.0 ap349201`	affected	—
`22.0 ap350217`	affected	—
`22.0 ap350179`	affected	—
`22.0 ap354313`	affected	—
`22.0 ap354098`	affected	—
`22.0 ap353975`	affected	—
`22.0 ap348945`	affected	—
`22.0 ap354090`	affected	—
`22.0 ap350573`	affected	—
`22.0 ap352516`	affected	—
`22.0 ap352109`	affected	—
`22.0 ap353384`	affected	—
`22.0 ap353490`	affected	—
`22.0 ap352962`	affected	—
`22.0 ap352703`	affected	—
`22.0 ap353418`	affected	—
`22.0 ap351700`	affected	—
`22.0 ap352205`	affected	—
`22.0 ap353360`	affected	—
`22.0 ap352932`	affected	—
`22.0 ap354921`	affected	—
`22.0 ap352726`	affected	—
`22.0 ap355757`	affected	—
`22.0 ap352972`	affected	—
`22.0 ap353577`	affected	—
`22.0 ap356603`	affected	—
`22.0 ap355894`	affected	—
`22.0 ap355385`	affected	—
`22.0 ap353311`	affected	—
`22.0 ap355300`	affected	—
`22.0 ap355083`	affected	—
`22.0 ap357047`	affected	—
`22.0 ap353681`	affected	—
`22.0 ap356848`	affected	—
`22.0 ap356706`	affected	—
`22.0 ap356474`	affected	—
`22.0 ap355091`	affected	—
`22.0 ap354785`	affected	—
`22.0 ap355905`	affected	—
`22.0 ap355365`	affected	—
`22.0 ap356359`	affected	—
`22.0 ap356434`	affected	—
`22.0 ap354936`	affected	—
`22.0 ap355285`	affected	—
`22.0 ap355674`	affected	—
`22.0 ap355922`	affected	—
`22.0 ap354597`	affected	—
`22.0 ap356458`	affected	—
`22.0 ap356140`	affected	—
`22.0 ap354413`	affected	—
`22.0 ap357400`	affected	—
`22.0 ap357632`	affected	—
`22.0 ap356390`	affected	—
`22.0 ap357607`	affected	—
`22.0 ap357447`	affected	—
`22.0 ap357560`	affected	—
`22.0 ap357645`	affected	—
`22.0 ap357768`	affected	—
`22.0 ap357859`	affected	—
`22.0 ap357769`	affected	—
`22.0 ap358469`	affected	—
`22.0 ap359049`	affected	—
`22.0 ap358971`	affected	—
`22.0 ap358246`	affected	—
`22.0 ap358234`	affected	—
`22.0 ap359156`	affected	—
`22.0 ap359549`	affected	—
`22.0 ap358454`	affected	—
`22.0 ap358563`	affected	—
`22.0 ap360250`	affected	—
`22.0 ap360564`	affected	—
`22.0 ap358887`	affected	—
`22.0 ap359470`	affected	—
`22.0 ap359465`	affected	—
`22.0 ap359748`	affected	—
`22.0 ap360817`	affected	—
`22.0 ap360201`	affected	—
`22.0 ap361153`	affected	—
`22.0 ap360904`	affected	—
`22.0 ap359644`	affected	—
`22.0 ap359765`	affected	—
`22.0 ap360912`	affected	—
`22.0 ap360184`	affected	—
`22.0 ap361520`	affected	—
`22.0 ap362771`	affected	—
`22.0 ap361445`	affected	—
`22.0 ap361560`	affected	—
`22.0 ap362848`	affected	—
`22.0 ap361559`	affected	—
`22.0 ap361820`	affected	—
`22.0 ap361533`	affected	—
`22.0 ap362163`	affected	—
`22.0 ap362001`	affected	—
`22.0 ap362276`	affected	—
`22.0 ap362490`	affected	—
`22.0 ap361154`	affected	—
`22.0 ap362799`	affected	—
`22.0 ap363815`	affected	—
`22.0 ap362328`	affected	—
`22.0 ap363332`	affected	—
`22.0 ap368026`	affected	—
`22.0 ap363521`	affected	—
`22.0 ap364199`	affected	—
`22.0 ap363568`	affected	—
`22.0 ap363759`	affected	—
`22.0 ap363596`	affected	—
`22.0 ap366701`	affected	—
`22.0 ap366174`	affected	—
`22.0 ap363729`	affected	—
`22.0 ap363770`	affected	—
`22.0 ap366358`	affected	—
`22.0 ap366744`	affected	—
`22.0 ap366180`	affected	—
`22.0 ap366649`	affected	—
`22.0 ap365172`	affected	—
`22.0 ap365115`	affected	—
`22.0 ap366656`	affected	—
`22.0 ap364521`	affected	—
`22.0 ap364844`	affected	—
`22.0 ap364781`	affected	—
`22.0 ap365146`	affected	—
`22.0 ap364797`	affected	—
`22.0 ap364932`	affected	—
`22.0 ap365545`	affected	—
`22.0 ap365800`	affected	—
`22.0 ap365173`	affected	—
`22.0 ap364473`	affected	—
`22.0 ap365400`	affected	—
`22.0 ap367396`	affected	—
`22.0 ap365632`	affected	—
`22.0 ap365905`	affected	—
`22.0 ap367109`	affected	—
`22.0 ap365449`	affected	—
`22.0 ap365685`	affected	—
`22.0 ap367434`	affected	—
`22.0 ap365597`	affected	—
`22.0 ap365801`	affected	—
`22.0 ap365730`	affected	—
`22.0 ap365758`	affected	—
`22.0 ap365920`	affected	—
`22.0 ap371313`	affected	—
`22.0 ap367291`	affected	—
`22.0 ap365727`	affected	—
`22.0 ap367524`	affected	—
`22.0 ap371587`	affected	—
`22.0 ap367453`	affected	—
`22.0 ap365601`	affected	—
`22.0 ap365779`	affected	—
`22.0 ap371871`	affected	—
`22.0 ap371437`	affected	—
`22.0 ap372043`	affected	—
`22.0 ap372016`	affected	—
`22.0 ap367367`	affected	—
`22.0 ap372072`	affected	—
`22.0 ap372177`	affected	—
`22.0 ap371681`	affected	—
`22.0 ap372354`	affected	—
`22.0 ap371656`	affected	—
`22.0 ap371033`	affected	—
`22.0 ap371583`	affected	—
`22.0 ap371911`	affected	—
`22.0 ap371467`	affected	—
`22.0 ap372371`	affected	—
`22.0 ap368695`	affected	—
`22.0 ap368913`	affected	—
`22.0 ap368987`	affected	—
`22.0 ap372024`	affected	—
`22.0 ap372152`	affected	—
`22.0 ap371961`	affected	—
`22.0 ap369674`	affected	—
`22.0 ap369173`	affected	—
`22.0 ap369863`	affected	—
`22.0 ap369641`	affected	—
`22.0 ap368604`	affected	—
`22.0 ap368087`	affected	—
`22.0 ap368216`	affected	—
`22.0 ap369934`	affected	—
`22.0 ap368326`	affected	—
`22.0 ap369219`	affected	—
`22.0 ap369227`	affected	—
`22.0 ap368422`	affected	—
`22.0 ap369881`	affected	—
`22.0 ap369550`	affected	—
`22.0 ap369668`	affected	—
`22.0 ap369571`	affected	—
`22.0 ap372433`	affected	—
`22.0 ap370654`	affected	—
`22.0 ap370138`	affected	—
`22.0 ap370615`	affected	—
`22.0 ap372643`	affected	—
`22.0 ap372708`	affected	—
`22.0 ap370590`	affected	—
`22.0 ap372390`	affected	—
`22.0 ap372757`	affected	—
`22.0 ap370636`	affected	—
`22.0 ap372750`	affected	—
`22.0 ap372706`	affected	—
`22.0 ap370269`	affected	—
`22.0 ap370180`	affected	—
`22.0 ap370675`	affected	—
`22.0 ap370737`	affected	—
`22.0 ap370424`	affected	—
`22.0 ap370544`	affected	—
`22.0 ap374339`	affected	—
`22.0 ap370459`	affected	—
`22.0 ap370545`	affected	—
`22.0 ap370389`	affected	—
`22.0 ap374803`	affected	—
`22.0 ap370358`	affected	—
`22.0 ap373539`	affected	—
`22.0 ap373118`	affected	—
`22.0 ap373855`	affected	—
`22.0 ap373820`	affected	—
`22.0 ap373438`	affected	—
`22.0 ap374660`	affected	—
`22.0 ap373018`	affected	—
`22.0 ap373954`	affected	—
`22.0 ap374230`	affected	—
`22.0 ap374330`	affected	—
`22.0 ap374460`	affected	—
`22.0 ap372956`	affected	—
`22.0 ap373111`	affected	—
`22.0 ap374114`	affected	—
`22.0 ap373122`	affected	—
`22.0 ap373108`	affected	—
`22.0 ap374356`	affected	—
`22.0 ap375069`	affected	—
`22.0 ap373899`	affected	—
`22.0 ap374971`	affected	—
`22.0 ap375862`	affected	—
`22.0 ap375354`	affected	—
`22.0 ap375688`	affected	—
`22.0 ap373046`	affected	—
`22.0 ap373452`	affected	—
`22.0 ap374334`	affected	—
`22.0 ap374428`	affected	—
`22.0 ap374596`	affected	—
`22.0 ap372963`	affected	—
`22.0 ap376041`	affected	—
`22.0 ap376410`	affected	—
`22.0 ap376298`	affected	—
`22.0 ap372799`	affected	—
`22.0 ap376181`	affected	—
`22.0 ap375090`	affected	—
`22.0 ap376416`	affected	—
`22.0 ap373098`	affected	—
`22.0 ap375937`	affected	—
`22.0 ap376531`	affected	—
`22.0 ap375465`	affected	—
`22.0 ap376100`	affected	—
`22.0 ap375634`	affected	—
`22.0 ap375091`	affected	—
`22.0 ap375018`	affected	—
`22.0 ap375743`	affected	—
`22.0 ap375383`	affected	—
`22.0 ap375719`	affected	—
`22.0 ap376614`	affected	—
`22.0 ap376541`	affected	—
`22.0 ap375685`	affected	—
`22.0 ap374895`	affected	—
`22.0 ap376429`	affected	—
`22.0 ap379838`	affected	—
`22.0 ap380187`	affected	—
`22.0 ap380143`	affected	—
`22.0 ap379972`	affected	—
`22.0 ap380535`	affected	—
`22.0 ap380117`	affected	—
`22.0 ap380473`	affected	—
`22.0 ap375924`	affected	—
`22.0 ap379833`	affected	—
`22.0 ap376661`	affected	—
`22.0 ap380041`	affected	—
`22.0 ap380391`	affected	—
`22.0 ap379795`	affected	—
`22.0 ap376701`	affected	—
`22.0 ap376668`	affected	—
`22.0 ap377384`	affected	—
`22.0 ap377480`	affected	—
`22.0 ap377581`	affected	—
`22.0 ap376652`	affected	—
`22.0 ap376620`	affected	—
`22.0 ap378405`	affected	—
`22.0 ap377494`	affected	—
`22.0 ap378440`	affected	—
`22.0 ap378581`	affected	—
`22.0 ap377307`	affected	—
`22.0 ap377566`	affected	—
`22.0 ap378585`	affected	—
`22.0 ap377149`	affected	—
`22.0 ap378471`	affected	—
`22.0 ap377412`	affected	—
`22.0 ap377068`	affected	—
`22.0 ap377757`	affected	—
`22.0 ap378332`	affected	—
`22.0 ap379016`	affected	—
`22.0 ap378866`	affected	—
`22.0 ap378079`	affected	—
`22.0 ap378509`	affected	—
`22.0 ap378953`	affected	—
`22.0 ap377779`	affected	—
`22.0 ap379008`	affected	—
`22.0 ap379694`	affected	—
`22.0 ap379597`	affected	—
`22.0 ap378882`	affected	—
`22.0 ap379389`	affected	—
`22.0 ap379487`	affected	—
`22.0 ap379374`	affected	—
`22.0 ap380771`	affected	—
`22.0 ap381594`	affected	—
`22.0 ap381243`	affected	—
`22.0 ap380629`	affected	—
`22.0 ap380751`	affected	—
`22.0 ap382158`	affected	—
`22.0 ap378999`	affected	—
`22.0 ap381136`	affected	—
`22.0 ap382240`	affected	—
`22.0 ap382362`	affected	—
`22.0 ap382192`	affected	—
`22.0 ap381091`	affected	—
`22.0 ap382251`	affected	—
`22.0 ap381732`	affected	—
`22.0 ap381584`	affected	—
`22.0 ap381118`	affected	—
`22.0 ap382717`	affected	—
`22.0 ap383569`	affected	—
`22.0 ap382487`	affected	—
`22.0 ap383002`	affected	—
`22.0 ap382434`	affected	—
`22.0 ap383170`	affected	—
`22.0 ap383309`	affected	—
`22.0 ap383514`	affected	—
`22.0 ap383710`	affected	—
`22.0 ap382977`	affected	—
`22.0 ap382488`	affected	—
`22.0 ap383134`	affected	—
`22.0 ap359429`	affected	—
`21.sp1 ap351795`	affected	—
`21.sp1 ap348143`	affected	—
`21.sp1 ap351216`	affected	—
`21.sp1 ap339376`	affected	—
`21.sp1 ap358132`	affected	—
`21.sp1 ap355717`	affected	—
`21.sp1 ap346074`	affected	—
`21.sp1 ap373102`	affected	—
`21.sp1 ap235252`	affected	—
`21.sp1 ap242300`	affected	—
`21.sp1 ap338964`	affected	—
`21.sp1 ap339196`	affected	—
`21.sp1 ap341645`	affected	—
`21.sp1 ap341897`	affected	—
`21.sp1 ap342461`	affected	—
`21.sp1 ap342625`	affected	—
`21.sp1 ap342755`	affected	—
`21.sp1 ap342853`	affected	—
`21.sp1 ap343352`	affected	—
`21.sp1 ap344270`	affected	—
`21.sp1 ap344479`	affected	—
`21.sp1 ap344681`	affected	—
`21.sp1 ap345054`	affected	—
`21.sp1 ap345293`	affected	—
`21.sp1 ap345755`	affected	—
`21.sp1 ap348472`	affected	—
`21.sp1 ap349222`	affected	—
`21.sp1 ap350050`	affected	—
`21.sp1 ap350189`	affected	—
`21.sp1 ap351248`	affected	—
`21.sp1 ap351295`	affected	—
`21.sp1 ap351530`	affected	—
`21.sp1 ap351754`	affected	—
`21.sp1 ap351898`	affected	—
`21.sp1 ap352082`	affected	—
`21.sp1 ap352205`	affected	—
`21.sp1 ap352972`	affected	—
`21.sp1 ap353418`	affected	—
`21.sp1 ap353841`	affected	—
`21.sp1 ap354707`	affected	—
`21.sp1 ap356271`	affected	—
`21.sp1 ap356787`	affected	—
`21.sp1 ap357574`	affected	—
`21.sp1 ap358730`	affected	—
`21.sp1 ap360211`	affected	—
`21.sp1 ap360306`	affected	—
`21.sp1 ap361420`	affected	—
`21.sp1 ap365379`	affected	—
`21.sp1 ap365390`	affected	—
`21.sp1 ap366348`	affected	—
`21.sp1 ap374822`	affected	—
`21.sp1 ap375026`	affected	—
`21.sp1 ap375053`	affected	—
`21.0 ap349066`	affected	—
`21.0 ap364358`	affected	—
`21.0 ap362637`	affected	—
`21.0 ap342145`	affected	—
`21.0 ap357571`	affected	—
`21.0 ap362825`	affected	—
`21.0 ap361559`	affected	—
`21.0 ap339395`	affected	—
`21.0 ap348945`	affected	—
`21.0 ap346902`	affected	—
`21.0 ap350308`	affected	—
`21.0 ap363301`	affected	—
`21.0 ap349850`	affected	—
`21.0 ap344752`	affected	—
`21.0 ap347640`	affected	—
`21.0 ap350111`	affected	—
`21.0 ap355616`	affected	—
`21.0 ap353841`	affected	—
`21.0 ap346128`	affected	—
`21.0 ap350204`	affected	—
`21.0 ap341897`	affected	—
`21.0 ap347064`	affected	—
`21.0 ap350032`	affected	—
`21.0 ap351261`	affected	—
`21.0 ap352182`	affected	—
`21.0 ap350760`	affected	—
`21.0 ap363408`	affected	—
`21.sp1 ap340545`	affected	—
`21.sp1 ap341683`	affected	—
`21.sp1 ap341909`	affected	—
`21.sp1 ap342214`	affected	—
`21.sp1 ap344301`	affected	—
`21.sp1 ap344783`	affected	—
`21.sp1 ap346270`	affected	—
`21.sp1 ap346351`	affected	—
`21.sp1 ap347928`	affected	—
`21.sp1 ap349517`	affected	—
`21.sp1 ap349090`	affected	—
`21.sp1 ap351315`	affected	—
`21.sp1 ap352304`	affected	—
`21.sp1 ap351738`	affected	—
`21.sp1 ap354194`	affected	—
`21.sp1 ap357347`	affected	—
`21.sp1 ap364778`	affected	—
`21.sp1 ap372422`	affected	—
`21.sp1 ap371281`	affected	—
`21.sp1 ap370908`	affected	—
`21.sp1 ap379493`	affected	—
`21.sp1 ap380506`	affected	—
`21.sp9 ap360116`	affected	—
`21.sp9 ap367207`	affected	—
`RI.2021.02`	affected	—
`RI.2021.08`	affected	—
`RI.2021.09`	affected	—
`RI.2021.10`	affected	—
`RI.2021.11`	affected	—
`RI.2021.12`	affected	—
`RI.2022.02`	affected	—
`RI.2022.03`	affected	—
`RI.2022.04`	affected	—
`RI.2022.07`	affected	—
`RI.2022.06`	affected	—
`RI.2022.05`	affected	—
`RI.2022.08`	affected	—
`RI.2022.09`	affected	—
`RI.2022.10`	affected	—
`RI.2022.12`	affected	—
`RI.2023.01`	affected	—
`RI.2023.03`	affected	—
`RI.2023.02`	affected	—
`RI.2023.04`	affected	—
`RI.2023.05`	affected	—
`RI.2023.07`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:cisco:broadworks_application_delivery_platform:ri.2023.06:::::::*
	cpe:2.3:a:cisco:broadworks_application_delivery_platform:ri.2023.07:::::::*
	cpe:2.3:a:cisco:broadworks_xtended_services_platform:::::-:::*
	cpe:2.3:a:cisco:broadworks_xtended_services_platform:2023.06::::release_independent:::
	cpe:2.3:a:cisco:broadworks_xtended_services_platform:2023.07::::release_independent:::

No data.

Project Subscriptions

Vendors	Products
Cisco Subscribe	Broadworks Application Delivery Platform Subscribe Broadworks Xtended Services Platform Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-auth-bypass-kCggMWhX

History

Tue, 16 Dec 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'Yes', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 23 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'Yes', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-09-06T17:08:28.178Z

Updated: 2025-12-16T18:23:20.786Z

Reserved: 2022-10-27T18:47:50.370Z

Link: CVE-2023-20238

Vulnrichment

Updated: 2024-08-02T09:05:36.796Z

NVD

Status : Modified

Published: 2023-09-06T18:15:08.043

Modified: 2024-11-21T07:40:57.973

Link: CVE-2023-20238

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object