A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system.
References
Link | Resource |
---|---|
https://networks.unify.com/security/advisories/OBSO-2211-02.pdf | Mitigation Vendor Advisory |
https://www.heise.de/news/Kommunikationssoftware-Kritische-Sicherheitsluecke-in-Atos-Unify-OpenScape-4000-7358657.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-13T00:00:00
Updated: 2022-12-13T00:00:00
Reserved: 2022-12-04T00:00:00
Link: CVE-2022-46404
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-13T21:15:11.800
Modified: 2022-12-27T16:12:32.677
Link: CVE-2022-46404
JSON object: View
Redhat Information
No data.
CWE