CVE-2023-29473
Published Apr 6, 2023
Last updated 2 years ago
Overview
- Description
- webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- nvd@nist.gov
- CWE-77
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:atos:unify_openscape_4000:10:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0717FEEB-03EC-4F21-B798-3016BFF0A096" }, { "criteria": "cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEB266EB-67B7-4007-A942-D64DB746BB2E" } ], "operator": "OR" } ] } ]