Lucene search

MitreCVE-2023-29474

HistoryApr 06, 2023 - 11:15 p.m.

CVE-2023-29474

2023-04-0623:15:07

CWE-77

mitre

web.nvd.nist.gov

cve

2023

29474

atos

unify

openscape 4000

manager platform

nvd

osfourk-23552

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.003

Percentile

68.9%

JSON

inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.

Affected configurations

Nvd

Node

atosunify_openscape_4000Match10r1

atosunify_openscape_4000_managerMatch10r1

VendorProductVersionCPE
atosunify_openscape_400010cpe:2.3:a:atos:unify_openscape_4000:10:r1:*:*:*:*:*:*
atosunify_openscape_4000_manager10cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
atos	unify_openscape_4000	10	cpe:2.3:a:atos:unify_openscape_4000:10:r1::::::
atos	unify_openscape_4000_manager	10	cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1::::::

References

networks.unify.com/security/advisories/OBSO-2303-01.pdf

www.news.de/technik/856806612/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.003

Percentile

68.9%

JSON

Related for CVE-2023-29474