Cisco Broadworks Messaging Server vulnerabilities
2 known vulnerabilities affecting cisco/broadworks_messaging_server.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-20951MEDIUMCVSS 6.5fixed in 23.02022-11-04
CVE-2022-20951 [MEDIUM] CWE-918 CVE-2022-20951: A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application coul
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sendin
nvd
CVE-2021-1530HIGHCVSS 7.1v22.02021-05-06
CVE-2021-1530 [HIGH] CWE-611 CVE-2021-1530: A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certa
nvd