Vulnerabilities > Atos > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-05 | CVE-2023-6269 | Argument Injection or Modification vulnerability in Atos products An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. | 9.8 |
2023-06-12 | CVE-2023-35034 | Unspecified vulnerability in Atos products Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033. | 9.8 |
2023-04-06 | CVE-2023-29473 | Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710. | 9.8 |
2023-04-06 | CVE-2023-29474 | Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552. | 9.8 |
2023-04-06 | CVE-2023-29475 | Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543. | 9.8 |
2022-12-13 | CVE-2022-46404 | Command Injection vulnerability in Atos products A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system. | 9.8 |
2022-07-25 | CVE-2022-36444 | Unspecified vulnerability in Atos products An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. | 9.8 |
2020-01-09 | CVE-2014-2651 | Improper Authentication vulnerability in Atos products Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface | 9.8 |
2020-01-09 | CVE-2014-2650 | OS Command Injection vulnerability in Atos products Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface | 9.8 |