Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.
When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Broadworks_commpilot_application_software | Cisco | 22.0 (including) | 22.0.2021.09 (excluding) |
Broadworks_commpilot_application_software | Cisco | 23.0 (including) | 23.0.2021.09 (excluding) |
Broadworks_commpilot_application_software | Cisco | 24.0 (including) | 24.0.2021.09 (excluding) |