Vulnerability Details : CVE-2023-6269
Potential exploit
An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also to bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user.
Products affected by CVE-2023-6269
- cpe:2.3:a:atos:unify_openscape_bcf:*:*:*:*:*:*:*:*
- cpe:2.3:a:atos:unify_openscape_branch:*:*:*:*:*:*:*:*
- cpe:2.3:a:atos:unify_openscape_session_border_controller:*:*:*:*:*:*:*:* (Atos » Unify OpenScape Session Border Controller, versions from including (>=) 10 and before (<) 10r3.4.0)
Exploit prediction scoring system (EPSS) score for CVE-2023-6269
- EPSS score: 0.35% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~72% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-6269
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 | SEC Consult Vulnerability Lab | 
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 
CWE ids for CVE-2023-6269
- The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
  Assigned by:
  - 551230f0-3615-47bd-b7cc-93e92e730bbf (Secondary)
  - nvd@nist.gov (Primary)
References for CVE-2023-6269
- http://seclists.org/fulldisclosure/2023/Dec/16 (Full Disclosure: SEC Consult SA-20231205 :: Argument injection leading to unauthenticated RCE and authentication bypass in Atos Unify OpenScape Session Border Controller (SBC), Branch, BCF)
- https://networks.unify.com/security/advisories/OBSO-2310-01.pdf (Vendor Advisory)
- https://r.sec-consult.com/unifyroot (Argument injection vulnerability in multiple Atos Unify OpenScape products - SEC Consult; Exploit; Third Party Advisory)
- http://packetstormsecurity.com/files/176194/Atos-Unify-OpenScape-Authentication-Bypass-Remote-Code-Execution.html (Atos Unify OpenScape Authentication Bypass / Remote Code Execution ≈ Packet Storm)