SSO Implementation Flaw In Cisco Broadworks Let Attackers Forge Credentials


A single sign-on (SSO) implementation flaw in the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform might make it possible for a remote, unauthenticated attacker to forge credentials to access a vulnerable system.

This “Critical” severity vulnerability has a CVSS base score of 10.0 and is tracked as CVE-2023-20238.

Cisco has issued software upgrades to address this vulnerability. There are no workarounds that address this vulnerability.

Read more…