Atos · Atos Unify Openscape Voice · CVE-2023-48166
**Name of the Vulnerable Software and Affected Versions**
Atos Unify OpenScape Voice versions prior to V10R3.26.1
**Description**
A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise of the underlying system.
**Recommendations**
For versions prior to V10R3.26.1, update to V10R3.26.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SOAP Server until a patch is applied.