18 matches found
EUVD-2023-39068
Malicious code in bioql PyPI...
CVE-2023-45350
Atos Unify OpenScape 4000 Manager V10 R1 before V10 R1.42.1 and 4000 Manager V10 R0 allow Privilege escalation that may lead to the ability of an authenticated attacker to run arbitrary code via AScm. This is also known as OSFOURK-24034...
CVE-2023-45349
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.34.7, 4000 Assistant V10 R1.42.0, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.34.7, 4000 Manager V10 R1.42.0, and 4000 Manager V10 R0 expose sensitive information that may allow lateral movement to the backup system via AShbr...
CVE-2023-45351
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.1, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.42.1, and 4000 Manager V10 R0 allow Authenticated Command Injection via AShbr. This is also known as OSFOURK-24039...
CVE-2023-45350
Atos Unify OpenScape 4000 Manager V10 R1 before V10 R1.42.1 and 4000 Manager V10 R0 allow Privilege escalation that may lead to the ability of an authenticated attacker to run arbitrary code via AScm. This is also known as OSFOURK-24034...
PT-2023-29524 · Atos · Atos Unify Openscape 4000 Assistant +1
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Assistant versions prior to V10 R1.34.7 Atos Unify OpenScape 4000 Manager versions prior to V10 R1.34.7 Description: The Atos Unify OpenScape 4000 exposes sensitive information, potentially allowing lateral movement ...
CVE-2023-45349
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.34.7, 4000 Assistant V10 R1.42.0, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.34.7, 4000 Manager V10 R1.42.0, and 4000 Manager V10 R0 expose sensitive information that may allow lateral movement to the backup system via AShbr...
CVE-2023-45355
Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 and 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, leading to administrative access via the webservice. This is also known as...
PT-2023-29525 · Atos · Atos Unify Openscape 4000 Manager
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Manager versions V10 R0 through V10 R1 before V10 R1.42.1 Description: The issue allows an authenticated attacker to potentially run arbitrary code via AScm, leading to privilege escalation. This may enable the...
PT-2023-5906 · Atos · Atos Unify Openscape 4000 Platform +1
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 Atos Unify OpenScape 4000 Manager Platform V10 R1 before Hotfix V10 R1.42.2 Description: The issue is related to insufficient input data validation in the webservice of the...
PT-2023-5905 · Atos · Atos Unify Openscape 4000 Platform +1
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 4000 Atos Unify OpenScape 4000 Manager Platform V10 R1 before Hotfix V10 R1.42.2 Description: The issue is related to insufficient input data cleaning when processing dtb...
CVE-2023-35032
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command injection by authenticated users, aka OSFOURK-23554...
CVE-2023-35031
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-24036...
Command injection
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557...
CVE-2023-35031
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-24036...
CVE-2023-35031
CVE-2023-35031 affects Atos Unify OpenScape 4000 components: Assistant and Manager in V10 R0 or V10 R1 with prior builds to V10 R1.42.0/V10 R1.34.8. The issue allows command injection by authenticated users, per the CVE entry. CVSS v3.1 base score 8.8 (HIGH); attack vector NETWORK; require LOW pr...
PT-2023-22271 · Atos · Atos Unify Openscape 4000 Platform +1
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Platform versions 10 R1 through 10 R1.34.3 Atos Unify OpenScape 4000 Manager Platform versions 10 R1 through 10 R1.34.3 Description: The webservice in the affected platforms allows an unauthenticated attacker to run...
CVE-2023-29473
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710...