CVE-2023-35035

{"id": "CVE-2023-35035", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-06-12T02:15:48.610", "references": [{"url": "https://networks.unify.com/security/advisories/OBSO-2305-01.pdf", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.news.de/technik/856882353/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/", "tags": ["Press/Media Coverage", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10 R1.34.8, Assistant V10 R0, Manager V10 R1 before V10 R1.42.0 and V10 R1.34.8, and Manager V10 R0 allow command injection by authenticated users, aka OSFOURK-23557."}], "lastModified": "2023-06-20T18:36:19.147", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:atos:unify_openscape_4000_assistant:10:r0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "663FE8C5-3827-4B6D-A598-247D071DB0C3"}, {"criteria": "cpe:2.3:a:atos:unify_openscape_4000_assistant:10:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1AE8D88-E490-4426-8259-04F65409A2F1"}, {"criteria": "cpe:2.3:a:atos:unify_openscape_4000_assistant:10:r1.34.4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2329F029-2272-484D-A808-99BA9B440654"}, {"criteria": "cpe:2.3:a:atos:unify_openscape_4000_manager:10:r0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A81CFBD0-39E6-4CF2-80DA-1785A6625C8E"}, {"criteria": "cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEB266EB-67B7-4007-A942-D64DB746BB2E"}, {"criteria": "cpe:2.3:a:atos:unify_openscape_4000_manager:10:r1.34.4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4752EB9-34A8-4918-B623-C323A9B3E443"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}