CVE-2023-45352

2023-10-0900:00:00

mitre

www.cve.org

atos unify

openscape

management portal

path traversal

vulnerability

operating system

code execution

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.1%

JSON

Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. This is also known as OCMP-6592.

References

networks.unify.com/security/advisories/OBSO-2306-02.pdf

www.news.de/technik/857003738/unify-openscape-common-management-platform-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-update-zu-bekannten-schwachstellen-und-sicherheitsluecken-vom-03-07-2023/1/