Vulnerabilities > Atos

DATE CVE VULNERABILITY TITLE RISK
2023-06-12 CVE-2023-35032 Command Injection vulnerability in Atos products
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command injection by authenticated users, aka OSFOURK-23554.
network
low complexity
atos CWE-77
8.8
8.8
2023-06-12 CVE-2023-35033 Command Injection vulnerability in Atos products
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23556.
network
low complexity
atos CWE-77
8.8
8.8
2023-06-12 CVE-2023-35034 Unspecified vulnerability in Atos products
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033.
network
low complexity
atos
critical
 9.8
9.8
2023-06-12 CVE-2023-35035 Command Injection vulnerability in Atos products
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557.
network
low complexity
atos CWE-77
8.8
8.8
2023-04-14 CVE-2023-30638 Command Injection vulnerability in Atos products
Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands.
network
low complexity
atos CWE-77
7.2
7.2
2022-12-13 CVE-2022-46404 Command Injection vulnerability in Atos products
A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system.
network
low complexity
atos CWE-77
critical
 9.8
9.8
2020-02-21 CVE-2019-19866 Authorization Bypass Through User-Controlled Key vulnerability in Atos Unify Openscape UC web Client 10.0/9.0
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information.
network
low complexity
atos CWE-639
5.0
5.0
2020-02-21 CVE-2019-19865 Cross-site Scripting vulnerability in Atos Unify Openscape UC web Client 1.0
Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS.
network
atos CWE-79
4.3
4.3
2020-01-09 CVE-2014-2651 Improper Authentication vulnerability in Atos products
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface
network
low complexity
atos CWE-287
critical
 10.0
10
2020-01-09 CVE-2014-2650 OS Command Injection vulnerability in Atos products
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface
network
low complexity
atos CWE-78
critical
 10.0
10