First published: Thu Jan 09 2020(Updated: )
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Atos Openstage 80 Firmware | =v3-r3.11.0 | |
Atos Openstage 80 G | ||
Atos Openstage 80 Firmware | =v3-r3.11.0 | |
Atos Openstage 80 G | ||
Atos Openstage 60 G Firmware | =v3-r3.11.0 | |
Atos Openstage 60 G | ||
Atos Openstage 60 Firmware | =v3-r3.11.0 | |
Unify Openstage 60 | ||
Unify Openstage 40 Firmware | =v3-r3.11.0 | |
Unify Openstage 40 | ||
Atos Openstage 40 G Firmware | =v3-r3.11.0 | |
Atos Openstage 40 G Firmware | ||
Unify Openstage 20 Firmware | =v3-r3.11.0 | |
Unify Openstage 20e | ||
Unify Openstage 20 Firmware | =v3-r3.11.0 | |
Unify Openstage 20e | ||
Atos Openstage 20 G Firmware | =v3-r3.11.0 | |
Atos Openstage 20 G Firmware | ||
Unify Openstage 15 Firmware | =v3-r3.11.0 | |
Atos Openstage 15 | ||
Atos Openstage 15 | =v3-r3.11.0 | |
Atos Openstage 15 G Firmware | ||
Atos Openstage 5 Firmware | =v3-r3.11.0 | |
Atos Openstage 5 | ||
Unify OpenScape Desk Phone IP 35G | =v3-r3.11.0 | |
Unify OpenScape Desk Phone IP 35G HFA Firmware | ||
Atos OpenStage 35G | =v3-r3.11.0 | |
Atos Openscape Desk Phone IP 35G Eco Firmware | ||
Unify OpenScape Desk Phone IP 55G SIP Firmware | =v3-r3.11.0 | |
Atos OpenScape Desk Phone IP 55G |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-2650 is a vulnerability in the Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP that allows for OS command injection through the web-based management interface.
Yes, Atos Openstage 80 Firmware v3-r3.11.0 is affected by CVE-2014-2650.
CVE-2014-2650 has a severity rating of 9.8, which is considered critical.
To fix CVE-2014-2650, update your Unify OpenStage / OpenScape Desk Phone IP to V3 R3.11.0 or later.
You can find more information about CVE-2014-2650 in the security advisories from Unify: [link to security advisories](https://networks.unify.com/security/advisories/OBSO-1403-01.pdf).