Vulnerabilities > Atos > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-6269 | Argument Injection or Modification vulnerability in Atos products An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. | 9.8 |
| 2023-06-12 | CVE-2023-35034 | Unspecified vulnerability in Atos products Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033. | 9.8 |
| 2022-12-13 | CVE-2022-46404 | Command Injection vulnerability in Atos products A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system. | 9.8 |
| 2020-01-09 | CVE-2014-2651 | Improper Authentication vulnerability in Atos products Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface | 10.0 |
| 2020-01-09 | CVE-2014-2650 | OS Command Injection vulnerability in Atos products Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface | 10.0 |