PT-2023-2561 · Cisco · Cisco Broadworks Network Server

Published: 2023-04-19 · Updated: 2024-11-18 · CVE-2023-20125

CVSS v3.1: 8.6 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco BroadWorks Network Server (affected versions not specified)

Description

The issue is related to improper management of internal resources within the application when handling large delegations, which could allow a remote attacker to cause a denial of service (DoS) condition by exhausting system resources. This is due to the lack of rate limiting for certain incoming TCP connections. An attacker could exploit this by sending a high rate of TCP connections to the server, causing TCP connection resources to grow rapidly until the server becomes unusable.

Recommendations

To resolve the issue, update the Cisco BroadWorks Network Server software to a version that addresses this vulnerability. As a temporary workaround, either restart the Cisco BroadWorks Network Server software or reboot the Cisco BroadWorks Network Server node to recover from the vulnerability.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2023-02376
CVE-2023-20125

Affected Products

Cisco Broadworks Network Server