PT-2023-32584 · Atos · Atos Unify Openscape Branch +2

Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape "Session Border Controller" SBC and "Branch" versions prior to V10 R3.4.0 Atos Unify OpenScape "BCF" versions prior to V10R10.12.00 and V10R11.05.02 Description: An argument injection vulnerability has been identified in...

The vulnerability of the application programming interface of the microprogramming system for controller security and session management in IP networks – OpenScape SBC (Session Border Controller). This software serves as an integration tool for communication systems into the unified communication system – OpenScape BCF (Business Communication Fabric). The OpenScape Branch server allows attackers to perform arbitrary actions.

The vulnerability of the application software interface for microprogramming controllers, which is used for security purposes and managing communication sessions in IP networks—the OpenScape SBC Session Border Controller—as well as the software used to integrate communication systems into the...

The vulnerability of the Web UI component of the Oracle Enterprise Communications Broker session manager and the Oracle Enterprise Session Border Controller application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web UI component of the Oracle Enterprise Communications Broker session manager and the Oracle Enterprise Session Border Controller application is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to...

CVE-2023-22083

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Web UI. Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

Design/Logic Flaw

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Web UI. Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

CVE-2023-22083

CVE-2023-22083 pertains to Oracle’s Enterprise Session Border Controller (ESBC) Web UI. The issue, affecting ESBC versions 9.0–9.2, arises from insufficient input validation in the Web UI. An unauthenticated attacker who can reach the ESBC over HTTPS can trigger a read access to a subset of data,...

Oracle Communications Security Vulnerability

Oracle Communications is a product of Oracle Corporation USA. provides integrated communications and cloud solutions for service providers and enterprises to accelerate their digital transformation. A security vulnerability exists in Oracle Communications' Oracle Enterprise Session Border...

PT-2023-6205 · Oracle · Oracle Enterprise Session Border Controller

Name of the Vulnerable Software and Affected Versions: Oracle Enterprise Session Border Controller versions 9.0 through 9.2 Description: The issue is related to insufficient input validation in the Web UI component. It allows an unauthenticated attacker with network access via HTTPS to compromise...

CVE-2023-36619

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users...

CVE-2023-36618

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users...

CVE-2023-36618

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users...

CVE-2023-36619

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users...

Design/Logic Flaw

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users...

Input validation

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users...

CVE-2023-36619

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users...

CVE-2023-36619

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users...

CVE-2023-36618

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users...

The vulnerability of the application software interface of the microprogramming system for controller security and session management in IP networks, OpenScape SBC (Session Border Controller), the software tool for integrating communication systems into a unified communication system, OpenScape BCF (Business Communication Fabric), and the OpenScape Branch server allow a perpetrator to execute arbitrary PHP code.

The vulnerability of the application programming interface of microprogramming software for controlling security and managing communication sessions in IP networks, the OpenScape SBC Session Border Controller, a software tool for integrating communication systems into a unified communication...

PT-2023-5420 · Atos · Atos Unify Openscape Branch +2

Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape Session Border Controller versions through V10 R3.01.03 Atos Unify OpenScape Branch affected versions not specified Atos Unify OpenScape BCF affected versions not specified Description: The issue allows execution of OS...

Atos Unify OpenScape Code Execution / Missing Authentication Vulnerabilities

Atos Unify OpenScape Session Border Controller, Atos Unify OpenScape Branch, and Atos Unify OpenScape BCF suffer from remote code execution and missing authentication vulnerabilities. Atos OpenScape SBC versions before 10 R3.3.0, Branch version 10 versions before R3.3.0, and BCF version 10 versio...