Remote Command Injection Vulnerability in Atos Unify OpenScape Products
CVE-2023-30638

7.2HIGH

Key Information:

Vendor: Atos
Status: Unify Openscape Session Border Controller; Unify Openscape Branch; Unify Openscape Bcf
Vendor: CVE Published:; 14 April 2023

What is CVE-2023-30638?

A vulnerability in Atos Unify's OpenScape SBC, Branch, and BCF products allows remote authenticated administrators to perform command injections. This security flaw could enable unauthorized command execution, leading to potential system manipulation and compromise. It is crucial for users to promptly update their systems to avoid exploitation of this weakness.

References

https://networks.unify.com/security/advisories/OBSO-2303-...

https://www.news.de/technik/856818957/unify-openscape-sbc...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 14, 2023
Vulnerability Reserved
Apr 13, 2023