CVE-2021-34786

MEDIUM

Cisco Broadworks Commpilot Applicatio... - Authentication Bypass

Title source: rule
STIX 2.1

Description

Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

References (1)

Scores

CVSS v3 6.5
EPSS 0.0022
EPSS Percentile 44.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-620 CWE-287
Status published
Products (1)
cisco/broadworks_commpilot_application_software 22.0 - 22.0.2021.09
Published Sep 09, 2021
Tracked Since Feb 18, 2026