SSO Implementation Flaw In Cisco Broadworks Let Attackers Forge Credentials | allinfosecnews.com

Sept. 8, 2023, 7:17 a.m. | Guru Baran

GBHackers On Security gbhackers.com

A single sign-on (SSO) implementation flaw in the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform might make it possible for a remote, unauthenticated attacker to forge credentials to access a vulnerable system. This “Critical” severity vulnerability has a CVSS base score of 10.0 and is tracked as CVE-2023-20238. Cisco has issued software […]

The post SSO Implementation Flaw In Cisco Broadworks Let Attackers Forge Credentials appeared first on GBHackers - Latest Cyber Security News | Hacker …

access application application delivery attacker attackers base cisco credentials critical cvss delivery flaw forge implementation platform score services severity sign single single sign-on sso system unauthenticated vulnerability vulnerability analysis vulnerable

More from gbhackers.com / GBHackers On Security

Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations 1 day, 13 hours ago | gbhackers.com

act archive attachments attack +30

GoldPickaxe iOS Malware Harvests Facial Recognition Data & Bank Accounts 1 day, 13 hours ago | gbhackers.com

accounts android android malware app +25

Muhstik Malware Attacking Apache RocketMQ To Execute Remote Code 2 days, 16 hours ago | gbhackers.com

access apache apache rocketmq aqua +31

Hacktivist Groups Attacking Industrial Control Systems To Disrupt Services 2 days, 16 hours ago | gbhackers.com

attacks can control control systems +33

North Korean Kimsuky Attacking Arms Manufacturer In Europe 2 days, 16 hours ago | gbhackers.com

arms attack attack vector campaign +19

SPECTR Malware Attacking Defense Forces of Ukraine With a batch script 2 days, 17 hours ago | gbhackers.com

batch campaign center cert +22

300+ Times Downloaded Package from PyPI Contains Wiper Components 2 days, 21 hours ago | gbhackers.com

components cyber security cyber-security-course downloader +16

Tenable Acquires Eureka Security To Provide Data Security Across Infrastructure 2 days, 22 hours ago | gbhackers.com

acquisition agreement bolster capabilities +23

Microsoft Details On Using KQL To Hunt For MFA Manipulations 2 days, 22 hours ago | gbhackers.com

accounts attributes audit logs authentication +30

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com