PT-2023-25104 · Atos · Atos Unify Openscape 4000 Assistant+1

Published

2023-06-12

Updated

2023-06-20

CVE-2023-35032

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Atos Unify OpenScape 4000 Assistant versions prior to V10 R1.42.0 and prior to V10 R1.34.8 Atos Unify OpenScape 4000 Manager versions prior to V10 R1.42.0 and prior to V10 R1.34.8

Description The issue allows command injection by authenticated users.

Recommendations For Atos Unify OpenScape 4000 Assistant versions prior to V10 R1.42.0 and prior to V10 R1.34.8, update to version V10 R1.42.0 or V10 R1.34.8. For Atos Unify OpenScape 4000 Manager versions prior to V10 R1.42.0 and prior to V10 R1.34.8, update to version V10 R1.42.0 or V10 R1.34.8.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2023-35032

Affected Products

Atos Unify Openscape 4000 Assistant

Atos Unify Openscape 4000 Manager

PT-2023-25104 · Atos · Atos Unify Openscape 4000 Assistant+1

CVE-2023-35032

Weakness Enumeration

Related Identifiers

Affected Products

References · 6