CVE-2014-2650: OS Command Injection
First published: Thu Jan 09 2020(Updated: )
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atos Openstage 80 Firmware | =v3-r3.11.0 | |
| Atos Openstage 80 | ||
| Atos Openstage 80 G Firmware | =v3-r3.11.0 | |
| Atos Openstage 80 G | ||
| Atos Openstage 60 G Firmware | =v3-r3.11.0 | |
| Atos Openstage 60 G | ||
| Atos Openstage 60 Firmware | =v3-r3.11.0 | |
| Atos Openstage 60 | ||
| Atos Openstage 40 Firmware | =v3-r3.11.0 | |
| Atos Openstage 40 | ||
| Atos Openstage 40 G Firmware | =v3-r3.11.0 | |
| Atos Openstage 40 G | ||
| Atos Openstage 20 E Firmware | =v3-r3.11.0 | |
| Atos Openstage 20 E | ||
| Atos Openstage 20 Firmware | =v3-r3.11.0 | |
| Atos Openstage 20 | ||
| Atos Openstage 20 G Firmware | =v3-r3.11.0 | |
| Atos Openstage 20 G | ||
| Atos Openstage 15 Firmware | =v3-r3.11.0 | |
| Atos Openstage 15 | ||
| Atos Openstage 15 G Firmware | =v3-r3.11.0 | |
| Atos Openstage 15 G | ||
| Atos Openstage 5 Firmware | =v3-r3.11.0 | |
| Atos Openstage 5 | ||
| Atos Openscape Desk Phone Ip 35g Firmware | =v3-r3.11.0 | |
| Atos Openscape Desk Phone Ip 35g | ||
| Atos Openscape Desk Phone Ip 35g Eco Firmware | =v3-r3.11.0 | |
| Atos Openscape Desk Phone Ip 35g Eco | ||
| Atos Openscape Desk Phone Ip 55g Firmware | =v3-r3.11.0 | |
| Atos Openscape Desk Phone Ip 55g |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2014-2650?
CVE-2014-2650 is a vulnerability in the Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP that allows for OS command injection through the web-based management interface.
Is Atos Openstage 80 Firmware affected by CVE-2014-2650?
Yes, Atos Openstage 80 Firmware v3-r3.11.0 is affected by CVE-2014-2650.
How severe is CVE-2014-2650?
CVE-2014-2650 has a severity rating of 9.8, which is considered critical.
How can I fix CVE-2014-2650?
To fix CVE-2014-2650, update your Unify OpenStage / OpenScape Desk Phone IP to V3 R3.11.0 or later.
Where can I find more information about CVE-2014-2650?
You can find more information about CVE-2014-2650 in the security advisories from Unify: [link to security advisories](https://networks.unify.com/security/advisories/OBSO-1403-01.pdf).
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/type
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/atos
- canonical/atos openstage 80 firmware
- version/atos openstage 80 firmware/v3-r3.11.0
- canonical/atos openstage 80
- canonical/atos openstage 80 g firmware
- version/atos openstage 80 g firmware/v3-r3.11.0
- canonical/atos openstage 80 g
- canonical/atos openstage 60 g firmware
- version/atos openstage 60 g firmware/v3-r3.11.0
- canonical/atos openstage 60 g
- canonical/atos openstage 60 firmware
- version/atos openstage 60 firmware/v3-r3.11.0
- canonical/atos openstage 60
- canonical/atos openstage 40 firmware
- version/atos openstage 40 firmware/v3-r3.11.0
- canonical/atos openstage 40
- canonical/atos openstage 40 g firmware
- version/atos openstage 40 g firmware/v3-r3.11.0
- canonical/atos openstage 40 g
- canonical/atos openstage 20 e firmware
- version/atos openstage 20 e firmware/v3-r3.11.0
- canonical/atos openstage 20 e
- canonical/atos openstage 20 firmware
- version/atos openstage 20 firmware/v3-r3.11.0
- canonical/atos openstage 20
- canonical/atos openstage 20 g firmware
- version/atos openstage 20 g firmware/v3-r3.11.0
- canonical/atos openstage 20 g
- canonical/atos openstage 15 firmware
- version/atos openstage 15 firmware/v3-r3.11.0
- canonical/atos openstage 15
- canonical/atos openstage 15 g firmware
- version/atos openstage 15 g firmware/v3-r3.11.0
- canonical/atos openstage 15 g
- canonical/atos openstage 5 firmware
- version/atos openstage 5 firmware/v3-r3.11.0
- canonical/atos openstage 5
- canonical/atos openscape desk phone ip 35g firmware
- version/atos openscape desk phone ip 35g firmware/v3-r3.11.0
- canonical/atos openscape desk phone ip 35g
- canonical/atos openscape desk phone ip 35g eco firmware
- version/atos openscape desk phone ip 35g eco firmware/v3-r3.11.0
- canonical/atos openscape desk phone ip 35g eco
- canonical/atos openscape desk phone ip 55g firmware
- version/atos openscape desk phone ip 55g firmware/v3-r3.11.0
- canonical/atos openscape desk phone ip 55g