Vulnerabilities > Atos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-12 | CVE-2023-35032 | Command Injection vulnerability in Atos products Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command injection by authenticated users, aka OSFOURK-23554. | 8.8 |
2023-06-12 | CVE-2023-35033 | Command Injection vulnerability in Atos products Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23556. | 8.8 |
2023-06-12 | CVE-2023-35034 | Unspecified vulnerability in Atos products Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033. | 9.8 |
2023-06-12 | CVE-2023-35035 | Command Injection vulnerability in Atos products Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557. | 8.8 |
2023-04-14 | CVE-2023-30638 | Command Injection vulnerability in Atos products Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands. | 7.2 |
2022-12-13 | CVE-2022-46404 | Command Injection vulnerability in Atos products A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system. | 9.8 |
2020-02-21 | CVE-2019-19866 | Authorization Bypass Through User-Controlled Key vulnerability in Atos Unify Openscape UC web Client 10.0/9.0 Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. | 5.0 |
2020-02-21 | CVE-2019-19865 | Cross-site Scripting vulnerability in Atos Unify Openscape UC web Client 1.0 Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. | 4.3 |
2020-01-09 | CVE-2014-2651 | Improper Authentication vulnerability in Atos products Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface | 10.0 |
2020-01-09 | CVE-2014-2650 | OS Command Injection vulnerability in Atos products Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface | 10.0 |