Synopsis: A vulnerability has been discovered in Cisco’s BroadWorks Application Delivery Platform being tracked as CVE-2023-20238 with a CVSS score of 10. This vulnerability allows attackers to gain access to the system using forged credentials utilizing a flaw in the SSO implementation for BroadWorks.

There is no current workaround for this flaw, so Cisco recommends updating to the most recent version.

Action: Update to the patched version mentioned in Cisco’s advisory here.

Associated Articles: 

Cisco BroadWorks impacted by critical authentication bypass flaw

Cisco Security Advisory

Email Team