Known Vulnerabilities for products from Unify
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Unify".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-36619 | Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthentic... | 9.8 - CRITICAL | 2023-10-04 | 2023-10-06 |
| CVE-2023-36618 | Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privi... | 8.8 - HIGH | 2023-10-04 | 2023-10-06 |
| CVE-2015-8251 | OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, Ope... | 5.9 - MEDIUM | 2017-09-25 | 2017-10-11 |
| CVE-2014-9563 | CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScap... | 4.9 - MEDIUM | 2018-04-12 | 2021-09-09 |
| CVE-2014-8422 | The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices befor... | 8.1 - HIGH | 2018-04-12 | 2021-09-09 |
| CVE-2014-8421 | Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain sup... | 7.5 - HIGH | 2018-04-12 | 2021-09-09 |
| CVE-2014-2652 | SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11.3 allows remote attackers t... | 9.8 - CRITICAL | 2018-03-19 | 2018-04-20 |
| CVE-2000-1114 | Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with chara... | 5 - MEDIUM | 2001-01-09 | 2008-09-05 |
| CVE-2000-1025 | eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service vi... | 5 - MEDIUM | 2000-12-11 | 2017-12-19 |
| CVE-2000-1024 | eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attack... | 10 - HIGH | 2000-12-11 | 2017-10-10 |
| CVE-2000-0498 | Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the ... | 7.5 - HIGH | 2000-06-08 | 2024-01-26 |
Known software with vulnerabilities from Unify
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Unify | Sqlbase Clients | 7.6.0 |
| Application | Unify | Sqlbase Sqlconsole | 7.6.0 |