PT-2023-25103 · Atos · Atos Unify Openscape 4000 Assistant+1
Published
2023-06-12
·
Updated
2025-01-06
·
CVE-2023-35031
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Atos Unify OpenScape 4000 Assistant versions V10 R0, V10 R1 before V10 R1.42.0 and V10 R1.34.8
Atos Unify OpenScape 4000 Manager versions V10 R0, V10 R1 before V10 R1.42.0 and V10 R1.34.8
Description
The issue allows command injection by authenticated users.
Recommendations
For Atos Unify OpenScape 4000 Assistant versions V10 R0, update to a version after V10 R1.42.0 or V10 R1.34.8.
For Atos Unify OpenScape 4000 Assistant versions V10 R1 before V10 R1.42.0 and V10 R1.34.8, update to V10 R1.42.0 or V10 R1.34.8.
For Atos Unify OpenScape 4000 Manager versions V10 R0, update to a version after V10 R1.42.0 or V10 R1.34.8.
For Atos Unify OpenScape 4000 Manager versions V10 R1 before V10 R1.42.0 and V10 R1.34.8, update to V10 R1.42.0 or V10 R1.34.8.
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Atos Unify Openscape 4000 Assistant
Atos Unify Openscape 4000 Manager