Vulnerabilities > Cisco > Broadworks Messaging Server

DATE CVE VULNERABILITY TITLE RISK
2022-11-04 CVE-2022-20951 Server-Side Request Forgery (SSRF) vulnerability in Cisco Broadworks Messaging Server 22.0
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input.
network
low complexity
cisco CWE-918
6.5
6.5
2021-05-06 CVE-2021-1530 XXE vulnerability in Cisco Broadworks Messaging Server 22.0
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system.
network
low complexity
cisco CWE-611
7.1
7.1