Lucene search

CiscoCVE-2021-34785

HistorySep 09, 2021 - 5:15 a.m.

CVE-2021-34785

2021-09-0905:15:12

CWE-620

CWE-287

cisco

web.nvd.nist.gov

cisco

broadworks

commpilot

application software

vulnerabilities

cve-2021-34785

nvd

security

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.003

Percentile

66.3%

JSON

Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

Affected configurations

Nvd

Node

ciscobroadworks_commpilot_application_softwareRange22.0–22.0.2021.09

ciscobroadworks_commpilot_application_softwareRange23.0–23.0.2021.09

ciscobroadworks_commpilot_application_softwareRange24.0–24.0.2021.09

VendorProductVersionCPE
ciscobroadworks_commpilot_application_software*cpe:2.3:a:cisco:broadworks_commpilot_application_software:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	broadworks_commpilot_application_software	*	cpe:2.3:a:cisco:broadworks_commpilot_application_software::::::::

CNA Affected

[
  {
    "product": "Cisco BroadWorks",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-dJ9JT67N

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.003

Percentile

66.3%

JSON

Related for CVE-2021-34785