Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-29474

inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.

Published

2023-04-06T23:15:07.357

Last Modified

2025-02-12T17:15:19.070

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-77
Type: Secondary
CWE-77

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	atos	unify_openscape_4000	10	Yes
Application	atos	unify_openscape_4000_manager	10	Yes

References

https://networks.unify.com/security/advisories/OBSO-2303-01.pdf Vendor Advisory ([email protected])
https://www.news.de/technik/856806612/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/ Third Party Advisory ([email protected])
https://networks.unify.com/security/advisories/OBSO-2303-01.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.news.de/technik/856806612/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)