Miembros de
Boletines de Vulnerabilidades |
Cisco BroadWorks Privilege Escalation Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the attacker More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-priv-esc-qTgUZOsQ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20BroadWorks%20Privilege%20Escalation%20Vulnerability&vs_k=1 |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2023-20216. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2023-07-20 |