Vulnerability Details CVE-2023-20020
A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper input validation when parsing HTTP requests. An attacker could exploit this vulnerability by sending a sustained stream of crafted requests to an affected device. A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.8%
CVSS Severity
CVSS v3 Score 8.6
References
Products affected by CVE-2023-20020
-
cpe:2.3:a:cisco:broadworks_application_delivery_platform_device_management:22.0
-
cpe:2.3:a:cisco:broadworks_xtended_services_platform:22.0