
Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Authentication Bypass Vulnerability (CVE-2023-20238)

Advisory No: TZCERT/SA/2023/09/08

Date of First Release: 8th September 2023

Source: CISCO

Software Affected: Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform

Overview:

A vulnerability classified as critical has been identified in an unknown functionality of the Single Sign-On (SSO) component. The vulnerability may allow an attacker to compromise the confidentiality, integrity and availability of the affected system.

Description:

A weakness in the method used to validate SSO tokens in Cisco BroadWorks could allow an unauthenticated remote attacker to forge the credentials required to access the affected system. Upon successful exploitation of the vulnerability, an attacker with an administrative privileged account will have the ability to view confidential information, modify customer settings or modify settings for other users.

Impact:

Successful exploitation of this vulnerability may allow the attacker to execute commands at the privilege level of the forged account.

Solution:

Cisco has released a patch for this vulnerability. Users and administrators are encouraged to apply the necessary updates.

References:

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-auth-bypass-kCggMWhX
