CVE-2023-20020 - Vulnerability Details

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper input validation when parsing HTTP requests. An attacker could exploit this vulnerability by sending a sustained stream of crafted requests to an affected device. A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00384.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco BroadWorks

affected

Version	Status	Constraints
`23.0`	affected	—
`23.0 ap380391`	affected	—
`23.0 ap380396`	affected	—
`23.0 ap379795`	affected	—
`23.0 ap373098`	affected	—
`23.0 ap382864`	affected	—
`23.0 ap382358`	affected	—
`23.0 ap382281`	affected	—
`23.0 ap367434`	affected	—
`23.0 ap376661`	affected	—
`23.0 ap380691`	affected	—
`23.0 ap383569`	affected	—
`23.0 ap375601`	affected	—
`23.0 ap372017`	affected	—
`23.0 ap383519`	affected	—
`23.0 ap375345`	affected	—
`23.0 ap371300`	affected	—
`23.0 ap383785`	affected	—
`23.0 ap380771`	affected	—
`23.0 ap351263`	affected	—
`23.0 ap376010`	affected	—
`23.0 ap382487`	affected	—
`23.0 ap383490`	affected	—
`23.0 ap383710`	affected	—
`23.0 ap375383`	affected	—
`23.0 ap375309`	affected	—
`23.0 ap375465`	affected	—
`23.0 ap380201`	affected	—
`23.0 ap380041`	affected	—
`23.0 ap380507`	affected	—
`23.0 ap379461`	affected	—
`23.0 ap377147`	affected	—
`23.0 ap376261`	affected	—
`23.0 ap381243`	affected	—
`23.0 ap381271`	affected	—
`23.0 ap382195`	affected	—
`23.0 ap380130`	affected	—
`23.0 ap380232`	affected	—
`23.0 ap377483`	affected	—
`23.0 ap383716`	affected	—
`23.0 ap383913`	affected	—
`23.0 ap383943`	affected	—
`23.0 ap383955`	affected	—
`23.0 ap383979`	affected	—
`23.0 ap383838`	affected	—
`23.0 ap384023`	affected	—
`23.0 ap381781`	affected	—
`23.0 ap383717`	affected	—
`23.0 ap383797`	affected	—
`23.0 ap383815`	affected	—
`23.0 ap383998`	affected	—
`23.0 ap384015`	affected	—
`23.0 ap384127`	affected	—
`23.0 ap384131`	affected	—
`23.0 ap384151`	affected	—
`23.0 ap384173`	affected	—
`23.0 ap384179`	affected	—
`23.0 ap384185`	affected	—
`23.0 ap384211`	affected	—
`23.0 ap384220`	affected	—
`23.0 ap384227`	affected	—
`23.0 ap384344`	affected	—
`23.0 ap363366`	affected	—
`23.0 ap364258`	affected	—
`23.0 ap364844`	affected	—
`23.0 ap365170`	affected	—
`23.0 ap365576`	affected	—
`23.0 ap365858`	affected	—
`23.0 ap366221`	affected	—
`23.0 ap366294`	affected	—
`23.0 ap365801`	affected	—
`23.0 ap366170`	affected	—
`23.0 ap364925`	affected	—
`23.0 ap366295`	affected	—
`23.0 ap366346`	affected	—
`23.0 ap366348`	affected	—
`23.0 ap365171`	affected	—
`23.0 ap364295`	affected	—
`23.0 ap364559`	affected	—
`23.0 ap366118`	affected	—
`23.0 ap366252`	affected	—
`23.0 ap363815`	affected	—
`23.0 ap363729`	affected	—
`23.0 ap365390`	affected	—
`23.0 ap364932`	affected	—
`23.0 ap365239`	affected	—
`23.0 ap365759`	affected	—
`23.0 ap366211`	affected	—
`23.0 ap366290`	affected	—
`23.0 ap365223`	affected	—
`23.0 ap366117`	affected	—
`23.0 ap365730`	affected	—
`23.0 ap366299`	affected	—
`23.0 ap366261`	affected	—
`23.0 ap365889`	affected	—
`23.0 ap366181`	affected	—
`23.0 ap365115`	affected	—
`23.0 ap364048`	affected	—
`23.0 ap366298`	affected	—
`23.0 ap364699`	affected	—
`23.0 ap345032`	affected	—
`23.0 ap362683`	affected	—
`23.0 ap363361`	affected	—
`23.0 ap352969`	affected	—
`23.0 ap359103`	affected	—
`23.0 ap366375`	affected	—
`23.0 ap366870`	affected	—
`23.0 ap366912`	affected	—
`23.0 ap366624`	affected	—
`23.0 ap367109`	affected	—
`23.0 ap366397`	affected	—
`23.0 ap354354`	affected	—
`23.0 ap349850`	affected	—
`23.0 ap366880`	affected	—
`23.0 ap360007`	affected	—
`23.0 ap366744`	affected	—
`23.0 ap366747`	affected	—
`23.0 ap366656`	affected	—
`23.0 ap367206`	affected	—
`23.0 ap362771`	affected	—
`23.0 ap367291`	affected	—
`23.0 ap366916`	affected	—
`23.0 ap367207`	affected	—
`23.0 ap363363`	affected	—
`23.0 ap366959`	affected	—
`23.0 ap351530`	affected	—
`23.0 ap361116`	affected	—
`23.0 ap366898`	affected	—
`23.0 ap357608`	affected	—
`23.0 ap361533`	affected	—
`23.0 ap366827`	affected	—
`23.0 ap352962`	affected	—
`23.0 ap366412`	affected	—
`23.0 ap369295`	affected	—
`23.0 ap366358`	affected	—
`23.0 ap366677`	affected	—
`23.0 ap366882`	affected	—
`23.0 ap366972`	affected	—
`23.0 ap366486`	affected	—
`23.0 ap366803`	affected	—
`23.0 ap358290`	affected	—
`23.0 ap363265`	affected	—
`23.0 ap363128`	affected	—
`23.0 ap366701`	affected	—
`23.0 ap366373`	affected	—
`23.0 ap369674`	affected	—
`23.0 ap369206`	affected	—
`23.0 ap369065`	affected	—
`23.0 ap368327`	affected	—
`23.0 ap368308`	affected	—
`23.0 ap368632`	affected	—
`23.0 ap367290`	affected	—
`23.0 ap369302`	affected	—
`23.0 ap368419`	affected	—
`23.0 ap369501`	affected	—
`23.0 ap369219`	affected	—
`23.0 ap368601`	affected	—
`23.0 ap368604`	affected	—
`23.0 ap368706`	affected	—
`23.0 ap368461`	affected	—
`23.0 ap368612`	affected	—
`23.0 ap368552`	affected	—
`23.0 ap369529`	affected	—
`23.0 ap369748`	affected	—
`23.0 ap368218`	affected	—
`23.0 ap368913`	affected	—
`23.0 ap369607`	affected	—
`23.0 ap369693`	affected	—
`23.0 ap368957`	affected	—
`23.0 ap368510`	affected	—
`23.0 ap368445`	affected	—
`23.0 ap369106`	affected	—
`23.0 ap369257`	affected	—
`23.0 ap368987`	affected	—
`23.0 ap369150`	affected	—
`23.0 ap368695`	affected	—
`23.0 ap368167`	affected	—
`23.0 ap370361`	affected	—
`23.0 ap367969`	affected	—
`23.0 ap367367`	affected	—
`23.0 ap369434`	affected	—
`23.0 ap369132`	affected	—
`23.0 ap367678`	affected	—
`23.0 ap367517`	affected	—
`23.0 ap369863`	affected	—
`23.0 ap369227`	affected	—
`23.0 ap368970`	affected	—
`23.0 ap369454`	affected	—
`23.0 ap367332`	affected	—
`23.0 ap368067`	affected	—
`23.0 ap369641`	affected	—
`23.0 ap367794`	affected	—
`23.0 ap369934`	affected	—
`23.0 ap370196`	affected	—
`23.0 ap367358`	affected	—
`23.0 ap367453`	affected	—
`23.0 ap369881`	affected	—
`23.0 ap367732`	affected	—
`23.0 ap367294`	affected	—
`23.0 ap367646`	affected	—
`23.0 ap367874`	affected	—
`23.0 ap370344`	affected	—
`23.0 ap367524`	affected	—
`23.0 ap368153`	affected	—
`23.0 ap368087`	affected	—
`23.0 ap367820`	affected	—
`23.0 ap368180`	affected	—
`23.0 ap367726`	affected	—
`23.0 ap370103`	affected	—
`23.0 ap367974`	affected	—
`23.0 ap367396`	affected	—
`23.0 ap367340`	affected	—
`23.0 ap367293`	affected	—
`23.0 ap369855`	affected	—
`23.0 ap368140`	affected	—
`23.0 ap367298`	affected	—
`23.0 ap367998`	affected	—
`23.0 ap372337`	affected	—
`23.0 ap372706`	affected	—
`23.0 ap368032`	affected	—
`23.0 ap367906`	affected	—
`23.0 ap370138`	affected	—
`23.0 ap372380`	affected	—
`23.0 ap372246`	affected	—
`23.0 ap370193`	affected	—
`23.0 ap372643`	affected	—
`23.0 ap372560`	affected	—
`23.0 ap367513`	affected	—
`23.0 ap369931`	affected	—
`23.0 ap368195`	affected	—
`23.0 ap372243`	affected	—
`23.0 ap368216`	affected	—
`23.0 ap369929`	affected	—
`23.0 ap367365`	affected	—
`23.0 ap367782`	affected	—
`23.0 ap367675`	affected	—
`23.0 ap372757`	affected	—
`23.0 ap372389`	affected	—
`23.0 ap372799`	affected	—
`23.0 ap372641`	affected	—
`23.0 ap371050`	affected	—
`23.0 ap372338`	affected	—
`23.0 ap372623`	affected	—
`23.0 ap372422`	affected	—
`23.0 ap372033`	affected	—
`23.0 ap372178`	affected	—
`23.0 ap371516`	affected	—
`23.0 ap372351`	affected	—
`23.0 ap372708`	affected	—
`23.0 ap372100`	affected	—
`23.0 ap372504`	affected	—
`23.0 ap371961`	affected	—
`23.0 ap370590`	affected	—
`23.0 ap370544`	affected	—
`23.0 ap372599`	affected	—
`23.0 ap371610`	affected	—
`23.0 ap371836`	affected	—
`23.0 ap371343`	affected	—
`23.0 ap372674`	affected	—
`23.0 ap371202`	affected	—
`23.0 ap370911`	affected	—
`23.0 ap370817`	affected	—
`23.0 ap372043`	affected	—
`23.0 ap370802`	affected	—
`23.0 ap371725`	affected	—
`23.0 ap370437`	affected	—
`23.0 ap370926`	affected	—
`23.0 ap370884`	affected	—
`23.0 ap371681`	affected	—
`23.0 ap371366`	affected	—
`23.0 ap370952`	affected	—
`23.0 ap371281`	affected	—
`23.0 ap371436`	affected	—
`23.0 ap371153`	affected	—
`23.0 ap371033`	affected	—
`23.0 ap371977`	affected	—
`23.0 ap371627`	affected	—
`23.0 ap371155`	affected	—
`23.0 ap371134`	affected	—
`23.0 ap371295`	affected	—
`23.0 ap372152`	affected	—
`23.0 ap371760`	affected	—
`23.0 ap370627`	affected	—
`23.0 ap371583`	affected	—
`23.0 ap371546`	affected	—
`23.0 ap371770`	affected	—
`23.0 ap371437`	affected	—
`23.0 ap372091`	affected	—
`23.0 ap372163`	affected	—
`23.0 ap370737`	affected	—
`23.0 ap370908`	affected	—
`23.0 ap370465`	affected	—
`23.0 ap371587`	affected	—
`23.0 ap375133`	affected	—
`23.0 ap371682`	affected	—
`23.0 ap375266`	affected	—
`23.0 ap372099`	affected	—
`23.0 ap375254`	affected	—
`23.0 ap372016`	affected	—
`23.0 ap372177`	affected	—
`23.0 ap375242`	affected	—
`23.0 ap375206`	affected	—
`23.0 ap375291`	affected	—
`23.0 ap371775`	affected	—
`23.0 ap375196`	affected	—
`23.0 ap375688`	affected	—
`23.0 ap375382`	affected	—
`23.0 ap375634`	affected	—
`23.0 ap375654`	affected	—
`23.0 ap375449`	affected	—
`23.0 ap375321`	affected	—
`23.0 ap375685`	affected	—
`23.0 ap375509`	affected	—
`23.0 ap375719`	affected	—
`23.0 ap375720`	affected	—
`23.0 ap375464`	affected	—
`23.0 ap375625`	affected	—
`23.0 ap375441`	affected	—
`23.0 ap375709`	affected	—
`23.0 ap375343`	affected	—
`23.0 ap375533`	affected	—
`23.0 ap375672`	affected	—
`23.0 ap375545`	affected	—
`23.0 ap375264`	affected	—
`23.0 ap375661`	affected	—
`23.0 ap375646`	affected	—
`23.0 ap375238`	affected	—
`23.0 ap375304`	affected	—
`23.0 ap375097`	affected	—
`23.0 ap373664`	affected	—
`23.0 ap373562`	affected	—
`23.0 ap372932`	affected	—
`23.0 ap374339`	affected	—
`23.0 ap374265`	affected	—
`23.0 ap374230`	affected	—
`23.0 ap374430`	affected	—
`23.0 ap373102`	affected	—
`23.0 ap375655`	affected	—
`23.0 ap373777`	affected	—
`23.0 ap374113`	affected	—
`23.0 ap373015`	affected	—
`23.0 ap374971`	affected	—
`23.0 ap374803`	affected	—
`23.0 ap374677`	affected	—
`23.0 ap372974`	affected	—
`23.0 ap373117`	affected	—
`23.0 ap374312`	affected	—
`23.0 ap374354`	affected	—
`23.0 ap375018`	affected	—
`23.0 ap373018`	affected	—
`23.0 ap374506`	affected	—
`23.0 ap374588`	affected	—
`23.0 ap373950`	affected	—
`23.0 ap375038`	affected	—
`23.0 ap373480`	affected	—
`23.0 ap374238`	affected	—
`23.0 ap372845`	affected	—
`23.0 ap373564`	affected	—
`23.0 ap373482`	affected	—
`23.0 ap372994`	affected	—
`23.0 ap373137`	affected	—
`23.0 ap373108`	affected	—
`23.0 ap374977`	affected	—
`23.0 ap373034`	affected	—
`23.0 ap374324`	affected	—
`23.0 ap374031`	affected	—
`23.0 ap374093`	affected	—
`23.0 ap373732`	affected	—
`23.0 ap374507`	affected	—
`23.0 ap373684`	affected	—
`23.0 ap374356`	affected	—
`23.0 ap373820`	affected	—
`23.0 ap373104`	affected	—
`23.0 ap373954`	affected	—
`23.0 ap373644`	affected	—
`23.0 ap373899`	affected	—
`23.0 ap374822`	affected	—
`23.0 ap374254`	affected	—
`23.0 ap375069`	affected	—
`23.0 ap373918`	affected	—
`23.0 ap374557`	affected	—
`23.0 ap372854`	affected	—
`23.0 ap373647`	affected	—
`23.0 ap374838`	affected	—
`23.0 ap374330`	affected	—
`23.0 ap374799`	affected	—
`23.0 ap374428`	affected	—
`23.0 ap373008`	affected	—
`23.0 ap375936`	affected	—
`23.0 ap375862`	affected	—
`23.0 ap374994`	affected	—
`23.0 ap376041`	affected	—
`23.0 ap374895`	affected	—
`23.0 ap375793`	affected	—
`23.0 ap376088`	affected	—
`23.0 ap373046`	affected	—
`23.0 ap375937`	affected	—
`23.0 ap374680`	affected	—
`23.0 ap376181`	affected	—
`23.0 ap375797`	affected	—
`23.0 ap375003`	affected	—
`23.0 ap373763`	affected	—
`23.0 ap373539`	affected	—
`23.0 ap373111`	affected	—
`23.0 ap375734`	affected	—
`23.0 ap376117`	affected	—
`23.0 ap375743`	affected	—
`23.0 ap376087`	affected	—
`23.0 ap376179`	affected	—
`23.0 ap376100`	affected	—
`23.0 ap373299`	affected	—
`23.0 ap373303`	affected	—
`23.0 ap375908`	affected	—
`23.0 ap376356`	affected	—
`23.0 ap375984`	affected	—
`23.0 ap373318`	affected	—
`23.0 ap375865`	affected	—
`23.0 ap373196`	affected	—
`23.0 ap376038`	affected	—
`23.0 ap373257`	affected	—
`23.0 ap373285`	affected	—
`23.0 ap376218`	affected	—
`23.0 ap373438`	affected	—
`23.0 ap373212`	affected	—
`23.0 ap373391`	affected	—
`23.0 ap373315`	affected	—
`23.0 ap373271`	affected	—
`23.0 ap376509`	affected	—
`23.0 ap376252`	affected	—
`23.0 ap376602`	affected	—
`23.0 ap376752`	affected	—
`23.0 ap373452`	affected	—
`23.0 ap376429`	affected	—
`23.0 ap376860`	affected	—
`23.0 ap376710`	affected	—
`23.0 ap376410`	affected	—
`23.0 ap376577`	affected	—
`23.0 ap376633`	affected	—
`23.0 ap376298`	affected	—
`23.0 ap373189`	affected	—
`23.0 ap376426`	affected	—
`23.0 ap376873`	affected	—
`23.0 ap376668`	affected	—
`23.0 ap376407`	affected	—
`23.0 ap376670`	affected	—
`23.0 ap376485`	affected	—
`23.0 ap376642`	affected	—
`23.0 ap376652`	affected	—
`23.0 ap376523`	affected	—
`23.0 ap376656`	affected	—
`23.0 ap376620`	affected	—
`23.0 ap376531`	affected	—
`23.0 ap378025`	affected	—
`23.0 ap377412`	affected	—
`23.0 ap376504`	affected	—
`23.0 ap376762`	affected	—
`23.0 ap376541`	affected	—
`23.0 ap376671`	affected	—
`23.0 ap376844`	affected	—
`23.0 ap376701`	affected	—
`23.0 ap376614`	affected	—
`23.0 ap377578`	affected	—
`23.0 ap377496`	affected	—
`23.0 ap377715`	affected	—
`23.0 ap377508`	affected	—
`23.0 ap376416`	affected	—
`23.0 ap377409`	affected	—
`23.0 ap377778`	affected	—
`23.0 ap376355`	affected	—
`23.0 ap377866`	affected	—
`23.0 ap377516`	affected	—
`23.0 ap377644`	affected	—
`23.0 ap377755`	affected	—
`23.0 ap377540`	affected	—
`23.0 ap377497`	affected	—
`23.0 ap377523`	affected	—
`23.0 ap377581`	affected	—
`23.0 ap377727`	affected	—
`23.0 ap378436`	affected	—
`23.0 ap377515`	affected	—
`23.0 ap377674`	affected	—
`23.0 ap378400`	affected	—
`23.0 ap377566`	affected	—
`23.0 ap377494`	affected	—
`23.0 ap377799`	affected	—
`23.0 ap377779`	affected	—
`23.0 ap378165`	affected	—
`23.0 ap378332`	affected	—
`23.0 ap377757`	affected	—
`23.0 ap377908`	affected	—
`23.0 ap377802`	affected	—
`23.0 ap377999`	affected	—
`23.0 ap377984`	affected	—
`23.0 ap378134`	affected	—
`23.0 ap378545`	affected	—
`23.0 ap378863`	affected	—
`23.0 ap378882`	affected	—
`23.0 ap379016`	affected	—
`23.0 ap378599`	affected	—
`23.0 ap378218`	affected	—
`23.0 ap378164`	affected	—
`23.0 ap379085`	affected	—
`23.0 ap378880`	affected	—
`23.0 ap378334`	affected	—
`23.0 ap378862`	affected	—
`23.0 ap378425`	affected	—
`23.0 ap378259`	affected	—
`23.0 ap378970`	affected	—
`23.0 ap378153`	affected	—
`23.0 ap378585`	affected	—
`23.0 ap378509`	affected	—
`23.0 ap378393`	affected	—
`23.0 ap378079`	affected	—
`23.0 ap378404`	affected	—
`23.0 ap378471`	affected	—
`23.0 ap378966`	affected	—
`23.0 ap379049`	affected	—
`23.0 ap379012`	affected	—
`23.0 ap379080`	affected	—
`23.0 ap378865`	affected	—
`23.0 ap378140`	affected	—
`23.0 ap378574`	affected	—
`23.0 ap378440`	affected	—
`23.0 ap378055`	affected	—
`23.0 ap378823`	affected	—
`23.0 ap378603`	affected	—
`23.0 ap379397`	affected	—
`23.0 ap379153`	affected	—
`23.0 ap378953`	affected	—
`23.0 ap378866`	affected	—
`23.0 ap379008`	affected	—
`23.0 ap378924`	affected	—
`23.0 ap378581`	affected	—
`23.0 ap378999`	affected	—
`23.0 ap378161`	affected	—
`23.0 ap378080`	affected	—
`23.0 ap379493`	affected	—
`23.0 ap380161`	affected	—
`23.0 ap379046`	affected	—
`23.0 ap379874`	affected	—
`23.0 ap378391`	affected	—
`23.0 ap380239`	affected	—
`23.0 ap379951`	affected	—
`23.0 ap379772`	affected	—
`23.0 ap378419`	affected	—
`23.0 ap378257`	affected	—
`23.0 ap379775`	affected	—
`23.0 ap379838`	affected	—
`23.0 ap379531`	affected	—
`23.0 ap379888`	affected	—
`23.0 ap379167`	affected	—
`23.0 ap378485`	affected	—
`23.0 ap380167`	affected	—
`23.0 ap380099`	affected	—
`23.0 ap379847`	affected	—
`23.0 ap379098`	affected	—
`23.0 ap379972`	affected	—
`23.0 ap379438`	affected	—
`23.0 ap380143`	affected	—
`23.0 ap380187`	affected	—
`23.0 ap379326`	affected	—
`23.0 ap379427`	affected	—
`23.0 ap380045`	affected	—
`23.0 ap379848`	affected	—
`23.0 ap377384`	affected	—
`23.0 ap376984`	affected	—
`23.0 ap377042`	affected	—
`23.0 ap379890`	affected	—
`23.0 ap380128`	affected	—
`23.0 ap377149`	affected	—
`23.0 ap380446`	affected	—
`23.0 ap379694`	affected	—
`23.0 ap376988`	affected	—
`23.0 ap380270`	affected	—
`23.0 ap379780`	affected	—
`23.0 ap380371`	affected	—
`23.0 ap377225`	affected	—
`23.0 ap379752`	affected	—
`23.0 ap380137`	affected	—
`23.0 ap377045`	affected	—
`23.0 ap376989`	affected	—
`23.0 ap380180`	affected	—
`23.0 ap380042`	affected	—
`23.0 ap376935`	affected	—
`23.0 ap379487`	affected	—
`23.0 ap379934`	affected	—
`23.0 ap377023`	affected	—
`23.0 ap377327`	affected	—
`23.0 ap379833`	affected	—
`23.0 ap376953`	affected	—
`23.0 ap380473`	affected	—
`23.0 ap380535`	affected	—
`23.0 ap377068`	affected	—
`23.0 ap379853`	affected	—
`23.0 ap379350`	affected	—
`23.0 ap380998`	affected	—
`23.0 ap380626`	affected	—
`23.0 ap377079`	affected	—
`23.0 ap379151`	affected	—
`23.0 ap377329`	affected	—
`23.0 ap381091`	affected	—
`23.0 ap380751`	affected	—
`23.0 ap380543`	affected	—
`23.0 ap381270`	affected	—
`23.0 ap380817`	affected	—
`23.0 ap381055`	affected	—
`23.0 ap380506`	affected	—
`23.0 ap381275`	affected	—
`23.0 ap380739`	affected	—
`23.0 ap380783`	affected	—
`23.0 ap380970`	affected	—
`23.0 ap380537`	affected	—
`23.0 ap381140`	affected	—
`23.0 ap380697`	affected	—
`23.0 ap380936`	affected	—
`23.0 ap380486`	affected	—
`23.0 ap380512`	affected	—
`23.0 ap380737`	affected	—
`23.0 ap381118`	affected	—
`23.0 ap380555`	affected	—
`23.0 ap381072`	affected	—
`23.0 ap381584`	affected	—
`23.0 ap381088`	affected	—
`23.0 ap381137`	affected	—
`23.0 ap382053`	affected	—
`23.0 ap381523`	affected	—
`23.0 ap381732`	affected	—
`23.0 ap382372`	affected	—
`23.0 ap382252`	affected	—
`23.0 ap383002`	affected	—
`23.0 ap382857`	affected	—
`23.0 ap383512`	affected	—
`23.0 ap382846`	affected	—
`23.0 ap382253`	affected	—
`23.0 ap381322`	affected	—
`23.0 ap382057`	affected	—
`23.0 ap382386`	affected	—
`23.0 ap382709`	affected	—
`23.0 ap382954`	affected	—
`23.0 ap382505`	affected	—
`23.0 ap382225`	affected	—
`23.0 ap382717`	affected	—
`23.0 ap381840`	affected	—
`23.0 ap381594`	affected	—
`23.0 ap381410`	affected	—
`23.0 ap382463`	affected	—
`23.0 ap382198`	affected	—
`23.0 ap381526`	affected	—
`23.0 ap381498`	affected	—
`23.0 ap381418`	affected	—
`23.0 ap383573`	affected	—
`23.0 ap382838`	affected	—
`23.0 ap381609`	affected	—
`23.0 ap381548`	affected	—
`23.0 ap382409`	affected	—
`23.0 ap383706`	affected	—
`23.0 ap382945`	affected	—
`23.0 ap382300`	affected	—
`23.0 ap382615`	affected	—
`23.0 ap382977`	affected	—
`23.0 ap384345`	affected	—
`23.0 ap383547`	affected	—
`23.0 ap382158`	affected	—
`23.0 ap382240`	affected	—
`23.0 ap383515`	affected	—
`23.0 ap383754`	affected	—
`23.0 ap381961`	affected	—
`23.0 ap382526`	affected	—
`23.0 ap382951`	affected	—
`23.0 ap382824`	affected	—
`23.0 ap382993`	affected	—
`23.0 ap383536`	affected	—
`23.0 ap383247`	affected	—
`23.0 ap381504`	affected	—
`23.0 ap383170`	affected	—
`23.0 ap382032`	affected	—
`23.0 ap382992`	affected	—
`23.0 ap383594`	affected	—
`23.0 ap383365`	affected	—
`23.0 ap383772`	affected	—
`23.0 ap381569`	affected	—
`23.0 ap381348`	affected	—
`23.0 ap382192`	affected	—
`23.0 ap381367`	affected	—
`23.0 ap383352`	affected	—
`23.0 ap383597`	affected	—
`23.0 ap381622`	affected	—
`23.0 ap383518`	affected	—
`23.0 ap383492`	affected	—
`23.0 ap383309`	affected	—
`23.0 ap383064`	affected	—
`23.0 ap383168`	affected	—
`23.0 ap382362`	affected	—
`23.0 ap382251`	affected	—
`23.0 ap383319`	affected	—
`23.0 ap382434`	affected	—
`23.0 ap384431`	affected	—
`23.0 ap383514`	affected	—
`23.0 ap384441`	affected	—
`22.0 ap383594`	affected	—
`22.0 ap371725`	affected	—
`22.0 ap383319`	affected	—
`22.0 ap367293`	affected	—
`22.0 ap383512`	affected	—
`22.0 ap376088`	affected	—
`22.0 ap361155`	affected	—
`22.0 ap382864`	affected	—
`22.0 ap383716`	affected	—
`22.0 ap383701`	affected	—
`22.0 ap342175`	affected	—
`22.0 ap339371`	affected	—
`22.0 ap353835`	affected	—
`22.0 ap351023`	affected	—
`22.0 ap354154`	affected	—
`22.0 ap353865`	affected	—
`22.0 ap350800`	affected	—
`22.0 ap350032`	affected	—
`22.0 ap349201`	affected	—
`22.0 ap353120`	affected	—
`22.0 ap351924`	affected	—
`22.0 ap351817`	affected	—
`22.0 ap353549`	affected	—
`22.0 ap353179`	affected	—
`22.0 ap351960`	affected	—
`22.0 ap352304`	affected	—
`22.0 ap353390`	affected	—
`22.0 ap352707`	affected	—
`22.0 ap355636`	affected	—
`22.0 ap352837`	affected	—
`22.0 ap353311`	affected	—
`22.0 ap352337`	affected	—
`22.0 ap355300`	affected	—
`22.0 ap356412`	affected	—
`22.0 ap355946`	affected	—
`22.0 ap355647`	affected	—
`22.0 ap356253`	affected	—
`22.0 ap354528`	affected	—
`22.0 ap355353`	affected	—
`22.0 ap356359`	affected	—
`22.0 ap355952`	affected	—
`22.0 ap354909`	affected	—
`22.0 ap356749`	affected	—
`22.0 ap357347`	affected	—
`22.0 ap354597`	affected	—
`22.0 ap356319`	affected	—
`22.0 ap356774`	affected	—
`22.0 ap356551`	affected	—
`22.0 ap351262`	affected	—
`22.0 ap357040`	affected	—
`22.0 ap357525`	affected	—
`22.0 ap357447`	affected	—
`22.0 ap357560`	affected	—
`22.0 ap357608`	affected	—
`22.0 ap357655`	affected	—
`22.0 ap357597`	affected	—
`22.0 ap358099`	affected	—
`22.0 ap357523`	affected	—
`22.0 ap357621`	affected	—
`22.0 ap357795`	affected	—
`22.0 ap358291`	affected	—
`22.0 ap359434`	affected	—
`22.0 ap358290`	affected	—
`22.0 ap358119`	affected	—
`22.0 ap359549`	affected	—
`22.0 ap358603`	affected	—
`22.0 ap359674`	affected	—
`22.0 ap359121`	affected	—
`22.0 ap360250`	affected	—
`22.0 ap360564`	affected	—
`22.0 ap359106`	affected	—
`22.0 ap359218`	affected	—
`22.0 ap359769`	affected	—
`22.0 ap360164`	affected	—
`22.0 ap359001`	affected	—
`22.0 ap360365`	affected	—
`22.0 ap360816`	affected	—
`22.0 ap361116`	affected	—
`22.0 ap361353`	affected	—
`22.0 ap361076`	affected	—
`22.0 ap360531`	affected	—
`22.0 ap362367`	affected	—
`22.0 ap362683`	affected	—
`22.0 ap362276`	affected	—
`22.0 ap362707`	affected	—
`22.0 ap361934`	affected	—
`22.0 ap363082`	affected	—
`22.0 ap361154`	affected	—
`22.0 ap362122`	affected	—
`22.0 ap364194`	affected	—
`22.0 ap361666`	affected	—
`22.0 ap362492`	affected	—
`22.0 ap363753`	affected	—
`22.0 ap362644`	affected	—
`22.0 ap367820`	affected	—
`22.0 ap362575`	affected	—
`22.0 ap363361`	affected	—
`22.0 ap363760`	affected	—
`22.0 ap364048`	affected	—
`22.0 ap363233`	affected	—
`22.0 ap363666`	affected	—
`22.0 ap363568`	affected	—
`22.0 ap367974`	affected	—
`22.0 ap364278`	affected	—
`22.0 ap363824`	affected	—
`22.0 ap368067`	affected	—
`22.0 ap363976`	affected	—
`22.0 ap364213`	affected	—
`22.0 ap364275`	affected	—
`22.0 ap366397`	affected	—
`22.0 ap366624`	affected	—
`22.0 ap363582`	affected	—
`22.0 ap364125`	affected	—
`22.0 ap366252`	affected	—
`22.0 ap363408`	affected	—
`22.0 ap366715`	affected	—
`22.0 ap364214`	affected	—
`22.0 ap364258`	affected	—
`22.0 ap366784`	affected	—
`22.0 ap366358`	affected	—
`22.0 ap366180`	affected	—
`22.0 ap365172`	affected	—
`22.0 ap366430`	affected	—
`22.0 ap364778`	affected	—
`22.0 ap364834`	affected	—
`22.0 ap364521`	affected	—
`22.0 ap364905`	affected	—
`22.0 ap364844`	affected	—
`22.0 ap364635`	affected	—
`22.0 ap367298`	affected	—
`22.0 ap365171`	affected	—
`22.0 ap364924`	affected	—
`22.0 ap365905`	affected	—
`22.0 ap365515`	affected	—
`22.0 ap367001`	affected	—
`22.0 ap365577`	affected	—
`22.0 ap365759`	affected	—
`22.0 ap365758`	affected	—
`22.0 ap367290`	affected	—
`22.0 ap367183`	affected	—
`22.0 ap371654`	affected	—
`22.0 ap371703`	affected	—
`22.0 ap365511`	affected	—
`22.0 ap365576`	affected	—
`22.0 ap370802`	affected	—
`22.0 ap365944`	affected	—
`22.0 ap366959`	affected	—
`22.0 ap371202`	affected	—
`22.0 ap365858`	affected	—
`22.0 ap371919`	affected	—
`22.0 ap367294`	affected	—
`22.0 ap371343`	affected	—
`22.0 ap367206`	affected	—
`22.0 ap371134`	affected	—
`22.0 ap372178`	affected	—
`22.0 ap371926`	affected	—
`22.0 ap372017`	affected	—
`22.0 ap371681`	affected	—
`22.0 ap372192`	affected	—
`22.0 ap371610`	affected	—
`22.0 ap371546`	affected	—
`22.0 ap371281`	affected	—
`22.0 ap371770`	affected	—
`22.0 ap370908`	affected	—
`22.0 ap368308`	affected	—
`22.0 ap371195`	affected	—
`22.0 ap371366`	affected	—
`22.0 ap368140`	affected	—
`22.0 ap371977`	affected	—
`22.0 ap371682`	affected	—
`22.0 ap371627`	affected	—
`22.0 ap369641`	affected	—
`22.0 ap369855`	affected	—
`22.0 ap368195`	affected	—
`22.0 ap368957`	affected	—
`22.0 ap368612`	affected	—
`22.0 ap368568`	affected	—
`22.0 ap368217`	affected	—
`22.0 ap369529`	affected	—
`22.0 ap368096`	affected	—
`22.0 ap368601`	affected	—
`22.0 ap368970`	affected	—
`22.0 ap369881`	affected	—
`22.0 ap369550`	affected	—
`22.0 ap369295`	affected	—
`22.0 ap369473`	affected	—
`22.0 ap369065`	affected	—
`22.0 ap372433`	affected	—
`22.0 ap372567`	affected	—
`22.0 ap372522`	affected	—
`22.0 ap369800`	affected	—
`22.0 ap372389`	affected	—
`22.0 ap372560`	affected	—
`22.0 ap370563`	affected	—
`22.0 ap370344`	affected	—
`22.0 ap372623`	affected	—
`22.0 ap370424`	affected	—
`22.0 ap370170`	affected	—
`22.0 ap374680`	affected	—
`22.0 ap374169`	affected	—
`22.0 ap374799`	affected	—
`22.0 ap370437`	affected	—
`22.0 ap374430`	affected	—
`22.0 ap374677`	affected	—
`22.0 ap372968`	affected	—
`22.0 ap373118`	affected	—
`22.0 ap373855`	affected	—
`22.0 ap373438`	affected	—
`22.0 ap374660`	affected	—
`22.0 ap373391`	affected	—
`22.0 ap373196`	affected	—
`22.0 ap373732`	affected	—
`22.0 ap374113`	affected	—
`22.0 ap373034`	affected	—
`22.0 ap373189`	affected	—
`22.0 ap374488`	affected	—
`22.0 ap374354`	affected	—
`22.0 ap373285`	affected	—
`22.0 ap373108`	affected	—
`22.0 ap374238`	affected	—
`22.0 ap373315`	affected	—
`22.0 ap373299`	affected	—
`22.0 ap373137`	affected	—
`22.0 ap373482`	affected	—
`22.0 ap375734`	affected	—
`22.0 ap375625`	affected	—
`22.0 ap375862`	affected	—
`22.0 ap373318`	affected	—
`22.0 ap375441`	affected	—
`22.0 ap375200`	affected	—
`22.0 ap374131`	affected	—
`22.0 ap373008`	affected	—
`22.0 ap376504`	affected	—
`22.0 ap376355`	affected	—
`22.0 ap372799`	affected	—
`22.0 ap376577`	affected	—
`22.0 ap374977`	affected	—
`22.0 ap375206`	affected	—
`22.0 ap375309`	affected	—
`22.0 ap375937`	affected	—
`22.0 ap375465`	affected	—
`22.0 ap375464`	affected	—
`22.0 ap375865`	affected	—
`22.0 ap375672`	affected	—
`22.0 ap375793`	affected	—
`22.0 ap374891`	affected	—
`22.0 ap376100`	affected	—
`22.0 ap375382`	affected	—
`22.0 ap375383`	affected	—
`22.0 ap375661`	affected	—
`22.0 ap375709`	affected	—
`22.0 ap375984`	affected	—
`22.0 ap375719`	affected	—
`22.0 ap376117`	affected	—
`22.0 ap376535`	affected	—
`22.0 ap375654`	affected	—
`22.0 ap375133`	affected	—
`22.0 ap375413`	affected	—
`22.0 ap379838`	affected	—
`22.0 ap375797`	affected	—
`22.0 ap379775`	affected	—
`22.0 ap380446`	affected	—
`22.0 ap379752`	affected	—
`22.0 ap376261`	affected	—
`22.0 ap380232`	affected	—
`22.0 ap375720`	affected	—
`22.0 ap380506`	affected	—
`22.0 ap380108`	affected	—
`22.0 ap376633`	affected	—
`22.0 ap379917`	affected	—
`22.0 ap380201`	affected	—
`22.0 ap379951`	affected	—
`22.0 ap380507`	affected	—
`22.0 ap380449`	affected	—
`22.0 ap380137`	affected	—
`22.0 ap376988`	affected	—
`22.0 ap376989`	affected	—
`22.0 ap376752`	affected	—
`22.0 ap376642`	affected	—
`22.0 ap377225`	affected	—
`22.0 ap376953`	affected	—
`22.0 ap376935`	affected	—
`22.0 ap377497`	affected	—
`22.0 ap376652`	affected	—
`22.0 ap380130`	affected	—
`22.0 ap376762`	affected	—
`22.0 ap377982`	affected	—
`22.0 ap376844`	affected	—
`22.0 ap377625`	affected	—
`22.0 ap377483`	affected	—
`22.0 ap377042`	affected	—
`22.0 ap378334`	affected	—
`22.0 ap377389`	affected	—
`22.0 ap378055`	affected	—
`22.0 ap378485`	affected	—
`22.0 ap378257`	affected	—
`22.0 ap377164`	affected	—
`22.0 ap378393`	affected	—
`22.0 ap378025`	affected	—
`22.0 ap377409`	affected	—
`22.0 ap378419`	affected	—
`22.0 ap377327`	affected	—
`22.0 ap378161`	affected	—
`22.0 ap377045`	affected	—
`22.0 ap378866`	affected	—
`22.0 ap379461`	affected	—
`22.0 ap379326`	affected	—
`22.0 ap378079`	affected	—
`22.0 ap377715`	affected	—
`22.0 ap379151`	affected	—
`22.0 ap379350`	affected	—
`22.0 ap379427`	affected	—
`22.0 ap379493`	affected	—
`22.0 ap379556`	affected	—
`22.0 ap379153`	affected	—
`22.0 ap382225`	affected	—
`22.0 ap380555`	affected	—
`22.0 ap381137`	affected	—
`22.0 ap382032`	affected	—
`22.0 ap382362`	affected	—
`22.0 ap381275`	affected	—
`22.0 ap381622`	affected	—
`22.0 ap380970`	affected	—
`22.0 ap382251`	affected	—
`22.0 ap382372`	affected	—
`22.0 ap381009`	affected	—
`22.0 ap381140`	affected	—
`22.0 ap381504`	affected	—
`22.0 ap382409`	affected	—
`22.0 ap382993`	affected	—
`22.0 ap382951`	affected	—
`22.0 ap383655`	affected	—
`22.0 ap382615`	affected	—
`22.0 ap382903`	affected	—
`22.0 ap382838`	affected	—
`22.0 ap382476`	affected	—
`22.0 ap354180`	affected	—
`22.0 ap359429`	affected	—
`RI.2021.02`	affected	—
`RI.2021.08`	affected	—
`RI.2021.09`	affected	—
`RI.2021.10`	affected	—
`RI.2021.11`	affected	—
`RI.2021.12`	affected	—
`RI.2022.02`	affected	—
`RI.2022.03`	affected	—
`RI.2022.04`	affected	—
`RI.2022.07`	affected	—
`RI.2022.06`	affected	—
`RI.2022.05`	affected	—
`RI.2022.09`	affected	—
`RI.2022.10`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:cisco:broadworks_application_delivery_platform_device_management::::::::
	cpe:2.3:a:cisco:broadworks_xtended_services_platform::::::::

No data.

Subscriptions

Vendors	Products
Cisco Subscribe	Broadworks Application Delivery Platform Device Management Subscribe Broadworks Xtended Services Platform Subscribe

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-24199	A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when parsing HTTP requests. An attacker could exploit this vulnerability by sending a sustained stream of crafted requests to an affected device. A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-dos-HpkeYzp

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-01-19T01:35:09.650Z

Updated: 2024-08-02T08:57:35.651Z

Reserved: 2022-10-27T18:47:50.308Z

Link: CVE-2023-20020

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-20T07:15:14.197

Modified: 2024-11-21T07:40:21.823

Link: CVE-2023-20020

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

Tracking

JSON object

JSON object

JSON object

JSON object

JSON object