CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6269

An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.1%

CVSS Severity

CVSS v3 Score 10.0

References

Products affected by CVE-2023-6269

Atos » Unify Openscape Bcf » Version: 10

cpe:2.3:a:atos:unify_openscape_bcf:10
Atos » Unify Openscape Bcf » Version: 10r10.7.0

cpe:2.3:a:atos:unify_openscape_bcf:10r10.7.0
Atos » Unify Openscape Bcf » Version: 10r9.12.1

cpe:2.3:a:atos:unify_openscape_bcf:10r9.12.1
Atos » Unify Openscape Branch » Version: 10

cpe:2.3:a:atos:unify_openscape_branch:10
Atos » Unify Openscape Branch » Version: 10r2.2.1

cpe:2.3:a:atos:unify_openscape_branch:10r2.2.1
Atos » Unify Openscape Branch » Version: 10r3.1.2

cpe:2.3:a:atos:unify_openscape_branch:10r3.1.2
Atos » Unify Openscape Session Border Controller » Version: 10

cpe:2.3:a:atos:unify_openscape_session_border_controller:10
Atos » Unify Openscape Session Border Controller » Version: 10r2.2.1

cpe:2.3:a:atos:unify_openscape_session_border_controller:10r2.2.1
Atos » Unify Openscape Session Border Controller » Version: 10r3.1.3

cpe:2.3:a:atos:unify_openscape_session_border_controller:10r3.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6269

Products

Pricing

Contact Us