Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2022-36444

Published: Jul 25, 2022 | Modified: Aug 01, 2022
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2022-36444
CWEhttps://cwe.mitre.org/data/definitions/.html

An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system.

Affected Software

Name Vendor Start Version End Version
Unify_openscape_bcf Atos 10 (including) 10r9.12.1 (excluding)
Unify_openscape_branch Atos 10 (including) 10r2.1.1 (excluding)
Unify_openscape_branch Atos 9 (including) 9 (including)
Unify_openscape_session_border_controller Atos 10 (including) 10r2.2.1 (excluding)
Unify_openscape_session_border_controller Atos 9 (including) 9 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use