CVE-2023-29474

CRITICAL

Atos Unify OpenScape 4000 Platform and Manager Platform 10 R1 - Unauthenticated Remote Code Execution

Title source: llm

Description

inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.

References (2)

Core 2

Core References

Vendor Advisory

https://networks.unify.com/security/advisories/OBSO-2303-01.pdf

Third Party Advisory

https://www.news.de/technik/856806612/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/

Scores

CVSS v3 9.8

EPSS 0.0084

EPSS Percentile 53.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-77

Status published

Products (2)

atos/unify_openscape_4000 10 r1

atos/unify_openscape_4000_manager 10 r1

Published Apr 06, 2023

Tracked Since Feb 18, 2026