Remote Code Execution Vulnerability in Atos Unify OpenScape Products
CVE-2022-36444

8.6HIGH

Key Information:

Vendor: Atos
Status: Unify Openscape Bcf; Unify Openscape Branch; Unify Openscape Session Border Controller
Vendor: CVE Published:; 25 July 2022

What is CVE-2022-36444?

A remote code execution vulnerability exists in multiple versions of Atos Unify OpenScape products, allowing unauthenticated attackers with network access to the admin interface to potentially disrupt system availability. This security flaw can also pose risks to the confidentiality and integrity of the affected systems, making it critical for administrators to update to the patched versions to mitigate these risks.

References

https://networks.unify.com/security/advisories/OBSO-2203-...

x_refsource_MISC

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2022
Vulnerability Reserved
Jul 25, 2022