PT-2024-13551 · Atos · Atos Unify OpenScape Voice
João Libório · Published 2024-01-10 · Updated 2024-01-22
CVE-2023-48166
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Atos Unify OpenScape Voice versions prior to V10R3.26.1
Description
A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise of the underlying system.
Recommendations
For versions prior to V10R3.26.1, update to V10R3.26.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SOAP Server until a patch is applied.
Fix
Path traversal
Weakness Enumeration
Related Identifiers
Affected Products
Atos Unify OpenScape Voice