Vulnerabilities > Atos > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-6269 Argument Injection or Modification vulnerability in Atos products
An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02.
network
low complexity
atos CWE-88
critical
9.8
2023-06-12 CVE-2023-35034 Unspecified vulnerability in Atos products
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033.
network
low complexity
atos
critical
9.8
2023-04-06 CVE-2023-29473 Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710.
network
low complexity
atos CWE-77
critical
9.8
2023-04-06 CVE-2023-29474 Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.
network
low complexity
atos CWE-77
critical
9.8
2023-04-06 CVE-2023-29475 Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543.
network
low complexity
atos CWE-77
critical
9.8
2022-12-13 CVE-2022-46404 Command Injection vulnerability in Atos products
A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system.
network
low complexity
atos CWE-77
critical
9.8
2022-07-25 CVE-2022-36444 Unspecified vulnerability in Atos products
An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1.
network
low complexity
atos
critical
9.8
2020-01-09 CVE-2014-2651 Improper Authentication vulnerability in Atos products
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface
network
low complexity
atos CWE-287
critical
9.8
2020-01-09 CVE-2014-2650 OS Command Injection vulnerability in Atos products
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface
network
low complexity
atos CWE-78
critical
9.8