Lucene search

[email protected]NVD:CVE-2023-40266

HistoryFeb 08, 2024 - 10:15 p.m.

CVE-2023-40266

2024-02-0822:15:08

CWE-22

[email protected]

web.nvd.nist.gov

atos unify

openscape xpressions

webassistant

path traversal

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

39.4%

JSON

An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows path traversal.

Affected configurations

Nvd

Node

mitelunify_openscape_xpressions_webassistantRange7.0–7r1_fr5_hf42_p911

VendorProductVersionCPE
mitelunify_openscape_xpressions_webassistant*cpe:2.3:a:mitel:unify_openscape_xpressions_webassistant:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mitel	unify_openscape_xpressions_webassistant	*	cpe:2.3:a:mitel:unify_openscape_xpressions_webassistant::::::::

References

networks.unify.com/security/advisories/OBSO-2305-03.pdf

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

39.4%

JSON

Related for NVD:CVE-2023-40266

cve1 prion1 cvelist1