Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SEC Consult Vulnerability Lab

#551230f0-3615-47bd-b7cc-93e92e730bbf
PolicyEmail

Short Name

SEC-VLab

Program Role

CNA

Top Level Root

MITRE Corporation

Security Advisories

View Advisories

Domain

sec-consult.com

Country

Austria

Scope

All vulnerabilities discovered in third-party hardware/software by SEC Consult Vulnerability Lab (part of SEC Consult, an Eviden business), which are not in another CNA’s scope.
Reported CVEsVendorsProductsReports
102Vulnerabilities found
CVE-2023-6269
Assigner-SEC Consult Vulnerability Lab
ShareView Details
Assigner-SEC Consult Vulnerability Lab
CVSS Score-10||CRITICAL
EPSS-0.46% / 63.77%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 07:35
Updated-13 Feb, 2025 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Argument injection vulnerability in Atos Unify OpenScape Session Border Controller, Atos Unify OpenScape Branch and Atos Unify OpenScape BCF

An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticated attacker to gain root access to the appliance via SSH (scope change) and also bypass authentication for the administrative interface and gain access as an arbitrary (administrative) user.

Action-Not Available
Vendor-atosAtos Unify
Product-unify_openscape_branchunify_openscape_bcfunify_openscape_session_border_controllerOpenScape Session Border Controller (SBC)OpenScape BCFOpenScape Branch
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2023-6253
Assigner-SEC Consult Vulnerability Lab
ShareView Details
Assigner-SEC Consult Vulnerability Lab
CVSS Score-6||MEDIUM
EPSS-0.03% / 9.49%
||
7 Day CHG~0.00%
Published-22 Nov, 2023 | 11:22
Updated-13 Feb, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Saved Uninstall Key in Digital Guardian Agent Uninstaller

A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file.

Action-Not Available
Vendor-Fortra LLC
Product-digital_guardian_agentDigital Guardian Agent
CWE ID-CWE-922
Insecure Storage of Sensitive Information
  • Previous
  • 1
  • 2
  • 3
  • Next