What is the severity of cisco-sa-bw-privesc-yw4ekrXW?

The severity of the cisco-sa-bw-privesc-yw4ekrXW vulnerability is classified as high due to its potential for privilege escalation.

How do I fix cisco-sa-bw-privesc-yw4ekrXW?

To fix the cisco-sa-bw-privesc-yw4ekrXW vulnerability, upgrade to the recommended version of Cisco BroadWorks that addresses the privilege escalation issue.

Who is affected by cisco-sa-bw-privesc-yw4ekrXW?

The cisco-sa-bw-privesc-yw4ekrXW vulnerability affects authenticated users on devices running Cisco BroadWorks.

What types of attacks can exploit cisco-sa-bw-privesc-yw4ekrXW?

The cisco-sa-bw-privesc-yw4ekrXW vulnerability can be exploited by authenticated local attackers to gain root user privileges.

What is the cause of cisco-sa-bw-privesc-yw4ekrXW?

The cisco-sa-bw-privesc-yw4ekrXW vulnerability is caused by insufficient input validation within the operating system command line interface.

Vulnerability/
cisco-sa-bw-privesc-yw4ekrXW

medium

CWE

250 20

5/7/2023

cisco-sa-bw-privesc-yw4ekrXW: Cisco BroadWorks Privilege Escalation Vulnerability

First published: Wed Jul 05 2023(Updated: )

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device.The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by

Affected Software	Affected Version	How to fix
Cisco BroadWorks Xtended Services Platform Firmware

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2023-20210

Frequently Asked Questions

What is the severity of cisco-sa-bw-privesc-yw4ekrXW?
The severity of the cisco-sa-bw-privesc-yw4ekrXW vulnerability is classified as high due to its potential for privilege escalation.
How do I fix cisco-sa-bw-privesc-yw4ekrXW?
To fix the cisco-sa-bw-privesc-yw4ekrXW vulnerability, upgrade to the recommended version of Cisco BroadWorks that addresses the privilege escalation issue.
Who is affected by cisco-sa-bw-privesc-yw4ekrXW?
The cisco-sa-bw-privesc-yw4ekrXW vulnerability affects authenticated users on devices running Cisco BroadWorks.
What types of attacks can exploit cisco-sa-bw-privesc-yw4ekrXW?
The cisco-sa-bw-privesc-yw4ekrXW vulnerability can be exploited by authenticated local attackers to gain root user privileges.
What is the cause of cisco-sa-bw-privesc-yw4ekrXW?
The cisco-sa-bw-privesc-yw4ekrXW vulnerability is caused by insufficient input validation within the operating system command line interface.

collector/cisco-recent
agent/type
agent/event
agent/last-modified-date
agent/first-publish-date
agent/severity
agent/weakness
agent/references
agent/title
agent/description
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco broadworks xtended services platform firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.