CVE-2023-45356

2023-10-0900:00:00

mitre

www.cve.org

atos unify openscape

v10 r1

hotfix v10

command injection

administrative access

osfourk-23719

9.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.7%

JSON

Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, leading to administrative access, via dtb pages of the platform portal. This is also known as OSFOURK-23719.

References

networks.unify.com/security/advisories/OBSO-2308-02.pdf

www.news.de/technik/857079218/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/