Remote Code Execution Vulnerability in Atos Unify OpenScape Common Management Portal
CVE-2023-45354

8.8HIGH

Key Information:

Vendor: Atos
Status: Unify Openscape Common Management
Vendor: CVE Published:; 9 October 2023

What is CVE-2023-45354?

The Atos Unify OpenScape Common Management Portal versions prior to V10 R4.17.0 and V10 R5.1.0 are susceptible to a critical vulnerability that allows authenticated remote attackers to execute arbitrary code on the host operating system through the web interface. This security issue is identified as OCMP-6589 and could lead to severe implications for system integrity and confidential data.

References

https://networks.unify.com/security/advisories/OBSO-2306-...

https://www.news.de/technik/857003738/unify-openscape-com...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 9, 2023
Vulnerability Reserved
Oct 9, 2023