CVE-2023-6269

CRITICAL

Atos Unify OpenScape <V10 R3.4.0, V10R10.12.00, V10R11.05.02 - Comm...

Title source: llm

Description

An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user.

References (4)

[Vendor Advisory] https://networks.unify.com/security/advisories/OBSO-2310-01.pdf

[Exploit, Third Party Advisory] https://r.sec-consult.com/unifyroot

[Mailing List] http://seclists.org/fulldisclosure/2023/Dec/16

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/176194/Atos-Unify-OpenScape-Authentication-Bypass-Remote-Code-Execution.html

Scores

CVSS v3 10.0

EPSS 0.0046

EPSS Percentile 63.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-88

Status published

Affected Products (3)

atos/unify_openscape_bcf < 10r10.12.00

atos/unify_openscape_branch < 10r3.4.0

atos/unify_openscape_session_border_controller < 10r3.4.0

Timeline

Published Dec 05, 2023

Tracked Since Feb 18, 2026