Strix
26.1K

CVE-2023-20238

CRITICALCVSS 9.8/10EPSS 15.32%

Last modified

CVE-2023-20238 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. EPSS estimates a 15.32% chance of exploitation in the next 30 days.

Description

A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account. If that account is an Administrator account, the attacker would have the ability to view confidential information, modify customer settings, or modify settings for other users. To exploit this vulnerability, the attacker would need a valid user ID that is associated with an affected Cisco BroadWorks system.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
15.32%

96.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoBroadworks Application Delivery Platformri.2023.06
CiscoBroadworks Application Delivery Platformri.2023.07
CiscoBroadworks Xtended Services Platform< 23.0.1075.ap384245
CiscoBroadworks Xtended Services Platform2023.06
CiscoBroadworks Xtended Services Platform2023.07

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-20238?
A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account. If that account is an Administrator account, the attacker would have the ability to view confidential information, modify customer settings, or modify settings for other users. To exploit this vulnerability, the attacker would need a valid user ID that is associated with an affected Cisco BroadWorks system.
How severe is CVE-2023-20238?
CVE-2023-20238 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 15.32% probability of exploitation in the next 30 days.
How do I fix CVE-2023-20238?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-20238?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST