CVE-2023-40266

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 8, 2024

Updated: Feb 15, 2024

CWE ID 22

Summary

CVE-2023-40266 is a newly disclosed vulnerability affecting Atos Unify OpenScape Xpressions WebAssistant version prior to V7R1 FR5 HF42 P911. This issue enables an attacker to traverse paths, potentially gaining unauthorized access to sensitive data or system functions. The precise nature of the path traversal is not detailed, but it poses a significant risk to organizations using the affected software. It is strongly recommended that users upgrade to a patched version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sTMey5
https://www.cve.org/CVERecord?id=CVE-2023-40266
https://nvd.nist.gov/vuln/detail/CVE-2023-40266

Back to Vulnerability Database

CVE-2023-40266

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations