PRIOn knowledge base: PRION:CVE-2022-20951
History: Nov 04, 2022 - 6:15 p.m.

Server-side request forgery (SSRF)

2022-11-04 18:15:00
PRIOn knowledge base
www.prio-n.com
server-side request forgery
cisco broadworks
remote attacker
http request
insufficient validation
network security

AI Score: 6.3 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 45.4%)

A vulnerability in the web-based management interface of the Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other devices on the network.


CPE  Name  Operator  Version
broadworks_messaging_server  lt  23.0

