{ "id": "CVE-2023-20210", "sourceIdentifier": "ykramarz@cisco.com", "published": "2023-07-12T14:15:09.873", "lastModified": "2023-07-21T16:39:25.657", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device.\r\n\r The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 0.8, "impactScore": 5.2 }, { "source": "ykramarz@cisco.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 0.8, "impactScore": 5.2 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_application_delivery_platform_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CDF6D51-FF53-4F81-9609-9ADC2F9B4E9E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_application_delivery_platform_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "3F2C7C8D-4A8F-47F8-BD52-02B9381BA452" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_application_delivery_platform_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BADCEEA-9E45-4B49-8234-A874D5C47E21" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_application_delivery_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CDB68D-72F2-4A67-969D-AB093F4B2527" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_application_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2CCE1A7-DD95-45FA-B82D-7E7681131447" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_application_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "595D1BB0-8545-444B-8CB3-92A1BC646437" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_application_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "FD6DF734-B36E-4CAC-A9B0-0829CE88CF7C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_application_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE31A7A6-45A7-44BC-A9EE-A193BB15AA1C" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_database_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "EF31D4CA-E2C3-4FC9-BA71-DB50644D0158" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_database_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "358A3B7C-77FB-42BC-BA51-D936CA36E52D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_database_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC28F823-06DC-4BE4-89E8-0D76A01472E9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_database_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "30CB65C5-E160-4459-B16B-78FD71FFE549" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_database_troubleshooting_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8566E4D-47F0-4B3C-BB39-67C5D57A292B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_database_troubleshooting_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3C82E9E-9B6B-4B9A-B5C3-020352AC2D76" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_database_troubleshooting_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "74A40E6E-FE9F-412D-88FD-90AEDE55AAB7" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_database_troubleshooting_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "313B4B45-666C-48F1-ABAE-056247C5BFD0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_execution_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "720FC8C3-3222-4FAC-B052-3C11E70E4CAA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_execution_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE3994FF-091A-487A-A85E-597797185937" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_execution_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF5375C4-D15C-49B8-8833-BDDABA76804E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_execution_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE222212-E176-444E-89E8-00B506CE648B" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_media_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "3EAB828D-E0BE-44E9-A659-EB1D0807401A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_media_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "983911BD-E602-4ED2-AE47-27F059F66A08" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_media_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AF181A6-5A46-426C-9C8A-C445A47E3D66" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_media_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "E47499AE-1115-48A3-B48C-9064C60FAB70" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_messaging_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "59D5FC69-B787-4263-AE14-02307B9539CD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_messaging_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BA89033-CABE-4DB3-8B42-63889ABBE11E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_messaging_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AC9E9FF-0DC8-4437-8578-0FDA55F93A7E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_messaging_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "90CB7EDC-291B-49AC-B0BF-B13833D503FB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_database_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "9E98249C-02C4-43ED-8314-4A9B73A4F349" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_database_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C1560DD-2523-4BA1-AAA6-7DD1232743ED" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_database_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "6400EF54-92D4-4CC4-86D3-05983E279BB9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_network_database_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0338AF8-F431-4DFD-871E-77FD5A8BC0C4" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_function_manager_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "4ED75C3C-3D16-4756-8E67-D74F49659BEE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_function_manager_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "6D167D62-1392-4D01-8818-74F2B47656FD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_function_manager_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "A17B1382-7070-42C4-B42D-B8DA04847EFD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_network_function_manager:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE40758F-56F2-4C7E-B614-2B2DDEFDE03F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "28898C00-203A-4309-B7C3-E61A06AA82AB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "75AE58C6-46B7-4C40-8C3B-460E5C7D1BFF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_network_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "FBB178D9-1775-4CFB-B246-D996C0A5BD8E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_network_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "2462A0CA-3112-431D-A1D8-F40D99824ED6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_profile_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "E035554A-5B8B-458A-9B61-4DCC854B5BEB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_profile_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C76642D-5125-434F-B835-3F2FCA1ADD43" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_profile_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC59FF23-541E-4496-86C0-3F7770CE8601" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_profile_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "68B2B0ED-0A3C-42FA-9532-E375D6979435" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_service_control_function_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C2F1BB8-563F-4E3C-8C19-B3C2CA5D6A3E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_service_control_function_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "A68B5DAD-4881-4ACC-8829-8856F8C360AE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_service_control_function_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0DB64E9-AFF7-4176-8DA5-5D5A56A1B4BC" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_service_control_function_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "48FDE907-B2EC-4390-96C9-0C0E2A1A17D5" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_sharing_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7FBD60F-05F8-427E-8DA6-A9AB498F44BB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_sharing_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "F7EF12A5-11D1-4B35-ACD2-B353F347AD03" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_sharing_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "00B75518-3D13-47CA-927D-12D813246128" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_sharing_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EA9EFCC-0F1A-4867-9DE9-7A01FB880701" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_video_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "D8E60AFC-0658-46E4-AE54-8D588CD0EC34" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_video_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA8472C8-F0E9-46A1-A617-637800F00F69" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_video_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "28B1BA21-2859-4942-9EF9-A5E2D15B85DF" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_video_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "8470F28E-49FC-4C95-BE9A-2F54E8AA2DFB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_webrtc_server_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "444BA319-2679-4342-98B0-C6E14B1C1F0C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_webrtc_server_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC2345B0-08A4-4EA4-8952-9C53C1A83B83" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_webrtc_server_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "A95D5D2F-5470-4F12-8838-B2024307D3FA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_webrtc_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "481B20C2-65AE-4A03-9CB2-0AA74978C85A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_xtended_services_platform_firmware:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1DC218C-B490-4163-81C4-A693E3DD8ABC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_xtended_services_platform_firmware:24.0:*:*:*:*:*:*:*", "matchCriteriaId": "18324056-77F4-43A2-B5D2-BCD414E7D907" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:broadworks_xtended_services_platform_firmware:25.0:*:*:*:*:*:*:*", "matchCriteriaId": "12070486-7EC8-4103-A1A2-F6FD1A79DCE6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:broadworks_xtended_services_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4400D87-8862-421C-BAF4-E2481ACEDE4D" } ] } ] } ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }