Atos Unify OpenScape Input Validation Error Vulnerability

🗓️ 20 Sep 2023 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 2 Views

An input validation error vulnerability exists in Atos Unify OpenScape, a native SIP-based real-time VoIP system.

Reporter	Title	Published	Views	Family All 14
0day.today	Atos Unify OpenScape Code Execution / Missing Authentication Vulnerabilities	18 Sep 202300:00	–	zdt
ATTACKERKB	CVE-2023-36619	4 Oct 202321:15	–	attackerkb
BDU FSTEC	The vulnerability of the application programming interface of the microprogramming system for controller security and session management in IP networks – OpenScape SBC (Session Border Controller). This software serves as an integration tool for communication systems into the unified communication system – OpenScape BCF (Business Communication Fabric). The OpenScape Branch server allows attackers to perform arbitrary actions.	22 Nov 202300:00	–	bdu_fstec
Circl	CVE-2023-36619	21 Sep 202316:20	–	circl
CVE	CVE-2023-36619	4 Oct 202300:00	–	cve
Cvelist	CVE-2023-36619	4 Oct 202300:00	–	cvelist
EUVD	EUVD-2023-40563	3 Oct 202520:07	–	euvd
NVD	CVE-2023-36619	4 Oct 202321:15	–	nvd
OSV	CVE-2023-36619	4 Oct 202321:15	–	osv
Packet Storm	Atos Unify OpenScape Code Execution / Missing Authentication	18 Sep 202300:00	–	packetstorm

Source	Link
sec-consult	www.sec-consult.com/vulnerability-lab/advisory/authenticated-remote-code-execution-missing-authentication-atos-unify-openscape/
networks	www.networks.unify.com/security/advisories/OBSO-2307-01.pdf
packetstormsecurity	www.packetstormsecurity.com/files/174704/Atos-Unify-OpenScape-Code-Execution-Missing-Authentication.html
cxsecurity	www.cxsecurity.com/issue/WLB-2023090070
cxsecurity	www.cxsecurity.com/cveshow/CVE-2023-36619/

16 Jan 2026 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.19.8

EPSS0.00884

SSVC

input validation error atos unify openscape sip based real time voice over internet