PT-2023-22831 · Atos · Atos Unify Openscape Bcf 10+1
Published
2023-04-13
·
Updated
2023-04-24
·
CVE-2023-30638
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Atos Unify OpenScape SBC 10 versions prior to 10R3.1.3
Atos Unify OpenScape Branch 10 versions prior to 10R3.1.2
Atos Unify OpenScape BCF 10 versions prior to 10R10.7.0
Description
The issue allows remote authenticated admins to inject commands.
Recommendations
For Atos Unify OpenScape SBC 10 versions prior to 10R3.1.3, update to version 10R3.1.3 or later.
For Atos Unify OpenScape Branch 10 versions prior to 10R3.1.2, update to version 10R3.1.2 or later.
For Atos Unify OpenScape BCF 10 versions prior to 10R10.7.0, update to version 10R10.7.0 or later.
Fix
Command Injection
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Atos Unify Openscape Bcf 10
Atos Unify Openscape Branch 10