An argument injection vulnerability has been identified in the
administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an
unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain
access as an arbitrary (administrative) user.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: SEC-VLab
Published: 2023-12-05T07:35:19.472Z
Updated: 2024-08-02T08:28:20.365Z
Reserved: 2023-11-23T10:39:50.541Z
Link: CVE-2023-6269
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-05T08:15:08.020
Modified: 2024-11-21T08:43:30.003
Link: CVE-2023-6269
Redhat
No data.