CVE-2023-40265

EUVD-2023-44862
An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
mitelunify_openscape_xpressions_webassistant
7.0 ≤
𝑥
< 7r1_fr5_hf42_p911
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://networks.unify.com/security/advisories/OBSO-2305-03.pdf
https://networks.unify.com/security/advisories/OBSO-2305-03.pdf