A vital vulnerability impacting the Cisco BroadWorks Utility Supply Platform and Cisco BroadWorks Xtended Companies Platform may enable distant attackers to forge credentials and bypass authentication.
Cisco BroadWorks is a cloud communication providers platform for companies and customers, whereas the 2 talked about parts are used for app administration and integration.
The flaw, found internally by Cisco security engineers, is tracked as CVE-2023-20238 and rated with a most CVSS rating of 10.0 (vital).
By exploiting the flaw, menace actors can freely execute instructions, entry confidential knowledge, alter consumer settings, and commit toll fraud.
The vulnerability impacts the Cisco Utility Supply Platform and BroadWorks Xtended Companies Platform if one of many following apps is lively on them:
- AuthenticationService
- BWCallCenter
- BWReceptionist
- CustomMediaFilesRetrieval
- ModeratorClientApp
- PublicECLQuery
- PublicReporting
- UCAPI
- Xsi-Actions
- Xsi-Occasions
- Xsi-MMTel
- Xsi-VTR
CVE-2023-20238 doesn’t impression another BroadWorks parts aside from the 2 talked about within the advisory, so customers of different merchandise don’t have to take any motion.
“This vulnerability is as a result of technique used to validate SSO (single sign-on) tokens,” reads Cisco’s security advisory.
“An attacker may exploit this vulnerability by authenticating to the appliance with solid credentials.”
The capabilities given to the attacker post-exploitation depend upon the privilege stage of the cast account, with “administrator” accounts being the worst doable state of affairs.
Nevertheless, one prerequisite to exploiting the flaw is to have a sound consumer ID linked to the focused Cisco BroadWorks system.
This situation would possibly cut back the variety of potential attackers who can exploit CVE-2023-20238, nevertheless it would not mitigate the issue, so the danger stays extreme.
Cisco has offered no workarounds for this flaw, so the really helpful resolution is to replace to AP.platform.23.0.1075.ap385341 for customers of the 23.0 department and to variations 2023.06_1.333 or 2023.07_1.332 for customers of the discharge impartial (RI) version.
CVE-2023-20238 additionally impacts customers of the 22.0 department, however Cisco is not going to be releasing a security replace for that model, so the urged response for customers of the older model is emigrate to a set launch.
At present, there aren’t any studies of lively exploitation of CVE-2023-20238 within the wild, however system admins ought to apply the obtainable updates as quickly as doable.
