Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Argument injection vulnerability in Atos Unify OpenScape Session Border Controller, Atos Unify OpenScape Branch and Atos Unify OpenScape BCF
Vulnerability Description
An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
参数注入或修改
Vulnerability Title
Atos Unify OpenScape SBC 安全漏洞
Vulnerability Description
Atos Unify OpenScape SBC是法国Atos公司的一种数据中心就绪的虚拟化安全应用程序。用于将您的应用程序安全地扩展到网络边界之外。 Atos Unify OpenScape SBC V10 R3.4.0之前、OpenScape Branch V10 R3.4.0 之前、OpenScape BCF V10R10.12.00之前和V10R11.05.02 版本存在安全漏洞,该漏洞源于允许未经身份验证的攻击者通过 SSH 获得设备的 root 访问权限,并绕过管理界面中的身份验证,以管理用户
CVSS Information
N/A
Vulnerability Type
N/A