Atos

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-41099 1Atos 1Eviden Cardos Api Jun 17, 2025 Mar 22, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Windows installer in Atos Eviden CardOS API before 5.5.5.2811, Local Privilege Escalation can occur.(from a regular user to SYSTEM).
CVE-2023-6269 1Atos 3Unify Openscape Bcf Unify Openscape BranchUnify Openscape Session Border Controller Nov 21, 2024 Dec 5, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "...Show more An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user.Show less
CVE-2023-45356 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, lead...Show more Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, leading to administrative access, via dtb pages of the platform portal. This is also known as OSFOURK-23719.Show less
CVE-2023-45355 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 and 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system,...Show more Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 and 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, leading to administrative access via the webservice. This is also known as OSFOURK-24120.Show less
CVE-2023-45354 1Atos 1Unify Openscape Common Management Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated remote attacker to execute arbitrary code on the operating system by using the Common Management Portal web inte...Show more Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated remote attacker to execute arbitrary code on the operating system by using the Common Management Portal web interface. This is also known as OCMP-6589.Show less
CVE-2023-45353 1Atos 1Unify Openscape Common Management Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system by leveraging the Common Management Portal web interf...Show more Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system by leveraging the Common Management Portal web interface for Authenticated remote upload and creation of arbitrary files affecting the underlying operating system. This is also known as OCMP-6591.Show less
CVE-2023-45352 1Atos 1Unify Openscape Common Management Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path tra...Show more Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. This is also known as OCMP-6592.Show less
CVE-2023-45351 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.1, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.42.1, and 4000 Manager V10 R0 allow Authenticated Command Injection via AShbr. This is also known as...Show more Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.1, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.42.1, and 4000 Manager V10 R0 allow Authenticated Command Injection via AShbr. This is also known as OSFOURK-24039.Show less
CVE-2023-45350 1Atos 1Unify Openscape 4000 Manager Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Manager V10 R1 before V10 R1.42.1 and 4000 Manager V10 R0 allow Privilege escalation that may lead to the ability of an authenticated attacker to run arbitrary code via AScm. This is also known...Show more Atos Unify OpenScape 4000 Manager V10 R1 before V10 R1.42.1 and 4000 Manager V10 R0 allow Privilege escalation that may lead to the ability of an authenticated attacker to run arbitrary code via AScm. This is also known as OSFOURK-24034.Show less
CVE-2023-45349 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Oct 9, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.34.7, 4000 Assistant V10 R1.42.0, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.34.7, 4000 Manager V10 R1.42.0, and 4000 Manager V10 R0 expose sensitive...Show more Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.34.7, 4000 Assistant V10 R1.42.0, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.34.7, 4000 Manager V10 R1.42.0, and 4000 Manager V10 R0 expose sensitive information that may allow lateral movement to the backup system via AShbr. This is also known as OSFOURK-23722.Show less
CVE-2023-35035 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Jun 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka O...Show more Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557.Show less
CVE-2023-35034 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Jan 6, 2025 Jun 12, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow remote code execution by unauthenticated users, aka OSFOURK-24033.
CVE-2023-35033 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Jun 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka O...Show more Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23556.Show less
CVE-2023-35032 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Nov 21, 2024 Jun 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8 and Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8 allow command injection by authenticated users, aka OSFOURK-23554.
CVE-2023-35031 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Jan 6, 2025 Jun 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka O...Show more Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-24036.Show less
CVE-2023-30638 1Atos 3Unify Openscape Bcf Unify Openscape BranchUnify Openscape Session Border Controller Feb 7, 2025 Apr 14, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands.
CVE-2023-29475 1Atos 2Unify Openscape 4000 Unify Openscape 4000 Manager Feb 12, 2025 Apr 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve admini...Show more inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543.Show less
CVE-2023-29474 1Atos 2Unify Openscape 4000 Unify Openscape 4000 Manager Feb 12, 2025 Apr 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve admini...Show more inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.Show less
CVE-2023-29473 1Atos 2Unify Openscape 4000 Unify Openscape 4000 Manager Feb 12, 2025 Apr 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve admin...Show more webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710.Show less
CVE-2022-46404 1Atos 2Unify Openscape 4000 Assistant Unify Openscape 4000 Manager Apr 22, 2025 Dec 13, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthentic...Show more A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system.Show less

12 Next