Vulnerability Details CVE-2023-35032
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command injection by authenticated users, aka OSFOURK-23554.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.7%
CVSS Severity
CVSS v3 Score 8.8
References
- https://networks.unify.com/security/advisories/OBSO-2305-01.pdf
- https://www.news.de/technik/856882353/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/
- https://networks.unify.com/security/advisories/OBSO-2305-01.pdf
- https://www.news.de/technik/856882353/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/
Products affected by CVE-2023-35032
-
cpe:2.3:a:atos:unify_openscape_4000_assistant:10
-
cpe:2.3:a:atos:unify_openscape_4000_manager:10