Rewterz Threat Advisory – Multiple Cisco Industrial Network Director Vulnerabilities
January 17, 2023Rewterz Threat Advisory –CVE-2023-20019 – Cisco BroadWorks Application Delivery Platform, Application Server, and Xtended Services Platform Vulnerability
January 17, 2023Rewterz Threat Advisory – Multiple Cisco Industrial Network Director Vulnerabilities
January 17, 2023Rewterz Threat Advisory –CVE-2023-20019 – Cisco BroadWorks Application Delivery Platform, Application Server, and Xtended Services Platform Vulnerability
January 17, 2023Severity
Medium
Analysis Summary
CVE-2023-20002
Cisco TelePresence Collaboration Endpoint and RoomOS Software is vulnerable to server-side request forgery, caused by improper validation of user-supplied input. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to send arbitrary network requests that are sourced from the affected system.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2023-20002
Affected Vendors
Cisco
Affected Products
- Cisco RoomOS Software
- Cisco TelePresence Collaboration Endpoint Software
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.