How severe is CVE-2023-20210?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2023-20210?

This is classified as CWE-250, which is a common weakness in software security.

CVE-2023-20210

MEDIUM Year: 2023

CVSS v3 Score

6.0

Medium

Weakness Type

CWE-250

View all →

Vulnerability Description

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.

CVE-2024-28140

MEDIUM

CVSS:6.1(Medium)

The scanner device boots into a kiosk mode by default and opens the Scan2Net interface in a browser window. This browser is run with the permissions of the root user. There are also several other appl...

CWE-2502024

CVE-2018-10892

MEDIUM

CVSS:6.3(Medium)

The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disab...

CWE-2502018

CVE-2020-2023

MEDIUM

CVSS:6.3(Medium)

Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agen...

CWE-2502020

CVE-2019-10143

MEDIUM

CVSS:6.4(Medium)

It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges...

CWE-2502019

CVE-2024-51722

MEDIUM

CVSS:6.4(Medium)

A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code ru...

CWE-2502024

CVE-2018-10872

MEDIUM

CVSS:5.5(Medium)

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not delive...

CWE-2502018

CVE-2023-20210

Vulnerability Description

Related Vulnerabilities

CVE-2024-28140

CVE-2018-10892

CVE-2020-2023

CVE-2019-10143

CVE-2024-51722

CVE-2018-10872