CVE-2023-35034

CRITICAL

9.8

Description

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie6/12/2023

Derniere modification1/6/2025

Sourcenvd

Observations honeypot0

Produits affectes

atos:unify_openscape_4000_assistantatos:unify_openscape_4000_manager

Faiblesses (CWE)

CWE-94

References

https://networks.unify.com/security/advisories/OBSO-2305-01.pdf(cve@mitre.org)

https://www.news.de/technik/856882353/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/(cve@mitre.org)

https://networks.unify.com/security/advisories/OBSO-2305-01.pdf(af854a3a-2127-422b-91ae-364da2661108)

https://www.news.de/technik/856882353/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.