Remote Code Execution Vulnerability in Atos Unify OpenScape Common Management Portal
CVE-2023-45353

8.8HIGH

Key Information:

Vendor: Atos
Status: Unify Openscape Common Management
Vendor: CVE Published:; 9 October 2023

What is CVE-2023-45353?

The Atos Unify OpenScape Common Management Portal versions prior to V10 R4.17.0 and V10 R5.1.0 are susceptible to a vulnerability that enables authenticated attackers to execute arbitrary code on the operating system. This flaw exists within the web interface, allowing for the remote upload and creation of files, thereby compromising the security of the underlying operating system. It is essential for organizations using the affected versions to take immediate action to mitigate the risks associated with this vulnerability.

References

https://networks.unify.com/security/advisories/OBSO-2306-...

https://www.news.de/technik/857003738/unify-openscape-com...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 9, 2023
Vulnerability Reserved
Oct 9, 2023