96 matches found
Command injection
Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands...
CVE-2023-30638
Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands...
CVE-2023-30638
Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands...
CVE-2023-29474
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552...
CVE-2023-29473
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710...
CVE-2023-29473
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710...
PT-2023-22273 · Atos · Atos Unify Openscape 4000 Platform +1
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Platform versions 10 R1 through 10 R1.34.3 Atos Unify OpenScape 4000 Manager Platform versions 10 R1 through 10 R1.34.3 Description: The issue allows an unauthenticated attacker to run arbitrary commands on the...
PT-2023-22271 · Atos · Atos Unify Openscape 4000 Platform +1
Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape 4000 Platform versions 10 R1 through 10 R1.34.3 Atos Unify OpenScape 4000 Manager Platform versions 10 R1 through 10 R1.34.3 Description: The webservice in the affected platforms allows an unauthenticated attacker to run...
CVE-2022-46404
A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager 8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4 that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to th...
Command injection
A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager 8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4 that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to th...
CVE-2022-46404
A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager 8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4 that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to th...
Atos Unify OpenScape 安全漏洞
Atos Unify OpenScape SBC and others are products of Atos France.Atos Unify OpenScape SBC is a datacenter-ready virtualized security application.Atos Unify OpenScape Branch is a virtual appliance or standard server application.Atos Unify OpenScape BCF is a unified communications and collaboration...
CVE-2019-19866
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with...
Design/Logic Flaw
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with...
CVE-2019-19866
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with...
Command injection
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface...