CVE-2023-20125Uncontrolled Resource Consumption in Cisco Broadworks

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
8.6HIGHNVD
EPSS
0.3%
top 44.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Broadworks
Timeline
PublishedNov 15

Description

A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An attacker could exploit this vulnerability by sending a high rate of TCP connections to the server. A successful exploit could allow the attacker to cause TCP connection resources to grow rapidly unti

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages1 packages

CVEListV5cisco/cisco_broadworks1579 versions+1578

🔴Vulnerability Details

2
CVEList
Cisco BroadWorks Network Server TCP Denial of Service Vulnerability2024-11-15
GHSA
GHSA-rhfh-m68w-rv9h: A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources,2024-11-15

📋Vendor Advisories

1
Cisco
Cisco BroadWorks Network Server TCP Denial of Service Vulnerability2023-04-19
CVE-2023-20125 — Uncontrolled Resource Consumption | cvebase