BroadWorks Call Detail Record Disclosure Vulnerability

Users of BroadWorks please be advised of a Call Detail Record Disclosure vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (

BroadWorks-SA-11/02/2010: BroadWorks Call Detail Record Disclosure Vulnerability
Affected Software: BroadWorks <= R16
+———–+ discovered an issue regarding privilege
separation between different enterprise groups within BroadWorks.
This issue allows a user with Attendant Console privileges to
view and record live call detail records for any user of the
system, including users from other organisations.