CVE-2023-45352: Path Traversal
First published: Mon Oct 09 2023(Updated: )
Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. This is also known as OCMP-6592.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atos Unify OpenScape Common Management | =10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-45352.
What is the affected software?
The affected software is Atos Unify OpenScape Common Management Portal V10.
What is the severity of the vulnerability?
The severity of the vulnerability is high with a CVSS score of 8.8.
How can an attacker exploit this vulnerability?
An authenticated attacker can exploit this vulnerability by executing arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders.
How can I fix this vulnerability?
To fix this vulnerability, update Atos Unify OpenScape Common Management Portal to V10 R4.17.0 or V10 R5.1.0.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/event
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/atos
- canonical/atos unify openscape common management
- version/atos unify openscape common management/10