CVE-2023-45353

2023-10-0900:00:00

mitre

www.cve.org

atos unify openscape

code execution

remote upload

operating system

common management portal

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.0%

JSON

Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system by leveraging the Common Management Portal web interface for Authenticated remote upload and creation of arbitrary files affecting the underlying operating system. This is also known as OCMP-6591.

References

networks.unify.com/security/advisories/OBSO-2306-02.pdf

www.news.de/technik/857003738/unify-openscape-common-management-platform-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-update-zu-bekannten-schwachstellen-und-sicherheitsluecken-vom-03-07-2023/1/