Denial of Service Vulnerability in Cisco BroadWorks Platforms
CVE-2023-20020
8.6HIGH
Summary
A vulnerability exists in the Device Management Servlet of Cisco BroadWorks platforms that could enable an unauthenticated remote attacker to trigger a denial of service (DoS) condition. This issue arises from inadequate input validation during the handling of HTTP requests. By sending a continuous stream of specifically crafted requests, an attacker could prevent the affected device from processing subsequent requests, effectively causing a DoS situation.
Affected Version(s)
Cisco BroadWorks 23.0
Cisco BroadWorks 23.0 ap380391
Cisco BroadWorks 23.0 ap380396
References
CVSS V3.1
Score:
8.6
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved