CVE-2023-35035
Severity CVSS v4.0:
Pending analysis
Type:
CWE-77
Command Injection
Publication date:
12/06/2023
Last modified:
20/06/2023
Description
Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:atos:unify_openscape_4000_assistant:10:r0:*:*:*:*:*:* | ||
cpe:2.3:a:atos:unify_openscape_4000_assistant:10:r1:*:*:*:*:*:* | ||
cpe:2.3:a:atos:unify_openscape_4000_assistant:10:r1.34.4:*:*:*:*:*:* | ||
cpe:2.3:a:atos:unify_openscape_4000_manager:10:r0:*:*:*:*:*:* | ||
cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1:*:*:*:*:*:* | ||
cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1.34.4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page