CVE-2023-29474: Command Injection
First published: Thu Apr 06 2023(Updated: )
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atos Unify OpenScape 4000 | =10-r1 | |
| Atos Unify OpenScape 4000 Manager | =10-r1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2023-29474.
What is the severity level of CVE-2023-29474?
The severity level of CVE-2023-29474 is critical with a score of 9.8.
What software is affected by CVE-2023-29474?
Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 are affected by CVE-2023-29474.
How does CVE-2023-29474 impact the affected software?
CVE-2023-29474 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access.
Is there a fix available for CVE-2023-29474?
Yes, updating to version 10 R1.34.4 or later of Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform effectively fixes CVE-2023-29474.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/atos
- canonical/atos unify openscape 4000
- version/atos unify openscape 4000/10-r1
- canonical/atos unify openscape 4000 manager
- version/atos unify openscape 4000 manager/10-r1