VYPR

BroadWorks

by Cisco Systems, Inc.

CVEs (16)

  • CVE-2023-20238CriSep 6, 2023
    risk 0.66cvss 10.0epss 0.15

    A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This…

  • CVE-2023-20020HigJan 20, 2023
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. …

  • CVE-2022-20958HigNov 4, 2022
    risk 0.54cvss 8.3epss 0.01

    A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation…

  • CVE-2022-20951HigNov 4, 2022
    risk 0.50cvss 7.7epss 0.02

    A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of…

  • CVE-2025-20165HigJan 22, 2025
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for…

  • CVE-2021-34786MedSep 9, 2021
    risk 0.42cvss 6.5epss 0.01

    Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

  • CVE-2021-34785MedSep 9, 2021
    risk 0.42cvss 6.5epss 0.01

    Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

  • CVE-2023-20019MedJan 20, 2023
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…

  • CVE-2022-20869MedAug 10, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the…

  • CVE-2023-20210MedJul 12, 2023
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability…

  • CVE-2023-20204MedAug 3, 2023
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the…

  • CVE-2021-1530MedMay 6, 2021
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability is due…

  • CVE-2025-20307MedJul 2, 2025
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient…

  • CVE-2024-20270MedJan 17, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the…

  • CVE-2023-20216MedAug 3, 2023
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An…

  • CVE-2021-1562MedJul 8, 2021
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands…