CVE-2022-36444
Last modified
CVE-2022-36444 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system.. EPSS estimates a 0.84% chance of exploitation in the next 30 days.
Description
An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Atos | Unify Openscape Bcf | >= 10, < 10r9.12.1 |
| Atos | Unify Openscape Branch | >= 10, < 10r2.1.1 |
| Atos | Unify Openscape Branch | 9 |
| Atos | Unify Openscape Session Border Controller | >= 10, < 10r2.2.1 |
| Atos | Unify Openscape Session Border Controller | 9 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-36444?
How severe is CVE-2022-36444?
How do I fix CVE-2022-36444?
Are you affected by CVE-2022-36444?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST