CINXE.COM

<!DOCTYPE html> <html lang="en-US"> <head><script type="text/javascript" src="https://web-static.archive.org/_static/js/bundle-playback.js?v=7YQSqjSh" charset="utf-8"></script> <script type="text/javascript" src="https://web-static.archive.org/_static/js/wombat.js?v=txqj7nKC" charset="utf-8"></script> <script>window.RufflePlayer=window.RufflePlayer||{};window.RufflePlayer.config={"autoplay":"on","unmuteOverlay":"hidden"};</script> <script type="text/javascript" src="https://web-static.archive.org/_static/js/ruffle/ruffle.js"></script> <script type="text/javascript"> __wm.init("https://web.archive.org/web"); __wm.wombat("https://unify.com/en/support/security-advisories","20210420191857","https://web.archive.org/","web","https://web-static.archive.org/_static/", "1618946337"); </script> <link rel="stylesheet" type="text/css" href="https://web-static.archive.org/_static/css/banner-styles.css?v=p7PEIJWi" /> <link rel="stylesheet" type="text/css" href="https://web-static.archive.org/_static/css/iconochive.css?v=3PDvdIFv" />  <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Security Advisories and Security Notes - Atos Unify</title><link rel="alternate" hreflang="en" href="https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories"/> <link rel="alternate" hreflang="fr" href="https://web.archive.org/web/20210420191857/https://unify.com/fr/assistance/security-advisories"/> <link rel="alternate" hreflang="de" href="https://web.archive.org/web/20210420191857/https://unify.com/de/support/security-advisories"/> <link rel="alternate" hreflang="es" href="https://web.archive.org/web/20210420191857/https://unify.com/es/asistencia/security-advisories"/> <link rel="alternate" hreflang="br" href="https://web.archive.org/web/20210420191857/https://unify.com/br/supporte/security-advisories"/>  <meta name="description" content="Product Security Advisories and Security Notes"/> <link rel="canonical" href="https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories"/> <meta property="og:locale" content="en_US"/> <meta property="og:type" content="article"/> <meta property="og:title" content="Security Advisories and Security Notes - Atos Unify"/> <meta property="og:description" content="Product Security Advisories and Security Notes"/> <meta property="og:url" content="https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories"/> <meta property="og:site_name" content="Atos Unify"/> <meta property="article:tag" content="Security"/> <meta property="article:tag" content="Support"/> <meta property="article:tag" content="Vulnerability"/> <meta property="article:section" content="Security Advisories"/> <meta name="twitter:card" content="summary_large_image"/> <meta name="twitter:description" content="Product Security Advisories and Security Notes"/> <meta name="twitter:title" content="Security Advisories and Security Notes - Atos Unify"/> <script type="application/ld+json" class="yoast-schema-graph yoast-schema-graph--main">{"@context":"https://web.archive.org/web/20210420191857/https://schema.org","@graph":[{"@type":"WebSite","@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/#website","url":"https://web.archive.org/web/20210420191857/https://unify.com/en/","name":"Atos Unify","potentialAction":{"@type":"SearchAction","target":"https://web.archive.org/web/20210420191857/https://unify.com/en/?s={search_term_string}","query-input":"required name=search_term_string"}},{"@type":"WebPage","@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories#webpage","url":"https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories","inLanguage":"en-US","name":"Security Advisories and Security Notes - Atos Unify","isPartOf":{"@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/#website"},"datePublished":"2018-05-29T14:24:40+00:00","dateModified":"2021-04-14T17:28:06+00:00","description":"Product Security Advisories and Security Notes","breadcrumb":{"@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories#breadcrumb"}},{"@type":"BreadcrumbList","@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"item":{"@type":"WebPage","@id":"https://web.archive.org/web/20210420191857/https://unify.com/en","url":"https://web.archive.org/web/20210420191857/https://unify.com/en","name":"Home"}},{"@type":"ListItem","position":2,"item":{"@type":"WebPage","@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/support","url":"https://web.archive.org/web/20210420191857/https://unify.com/en/support","name":"Support"}},{"@type":"ListItem","position":3,"item":{"@type":"WebPage","@id":"https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories","url":"https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories","name":"Security Advisories and Security Notes"}}]}]}</script>  <link rel="dns-prefetch" href="//web.archive.org/web/20210420191857/https://s.w.org/"/> <link rel="stylesheet" id="mo_saml_admin_settings_style-css" href="https://web.archive.org/web/20210420191857cs_/https://unify.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/jquery.ui.css" type="text/css" media="all"/> <link rel="stylesheet" id="rs-plugin-settings-css" href="https://web.archive.org/web/20210420191857cs_/https://unify.com/wp-content/plugins/revslider/public/assets/css/settings.css" type="text/css" media="all"/> <style id="rs-plugin-settings-inline-css" type="text/css"> #rs-demo-id {} </style> <link rel="stylesheet" id="rs-typewriter-front-css" href="https://web.archive.org/web/20210420191857cs_/https://unify.com/wp-content/plugins/revslider-typewriter-addon/public/assets/css/typewriter.css" type="text/css" media="all"/> <link rel="stylesheet" id="parent-style-css" href="https://web.archive.org/web/20210420191857cs_/https://unify.com/wp-content/themes/atos/style.css" type="text/css" media="all"/> <link rel="stylesheet" id="atos_fonts_css-css" href="//web.archive.org/web/20210420191857cs_/https://unify.com/fonts.css" type="text/css" media="all"/> <link rel="stylesheet" id="atos_css-css" href="https://web.archive.org/web/20210420191857cs_/https://unify.com/wp-content/themes/unify/style.css" type="text/css" media="all"/> <link rel="stylesheet" id="js_composer_front-css" href="https://web.archive.org/web/20210420191857cs_/https://unify.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css" type="text/css" media="all"/> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/themes/atos/js/jquery-3.5.1.min.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-includes/js/jquery/jquery-migrate.min.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/settings.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js" defer="defer"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js" defer="defer"></script> <script type="text/javascript" src="//web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/revslider-whiteboard-addon/public/assets/js/revolution.addon.whiteboard.min.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/themes/atos/js/lib.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/themes/atos/js/scripts.js"></script> <meta name="generator" content="Powered by Slider Revolution 5.4.8.1 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface."/> <script type="text/javascript">function setREVStartSize(e){ try{ e.c=jQuery(e.c);var i=jQuery(window).width(),t=9999,r=0,n=0,l=0,f=0,s=0,h=0; if(e.responsiveLevels&&(jQuery.each(e.responsiveLevels,function(e,f){f>i&&(t=r=f,l=e),i>f&&f>r&&(r=f,n=e)}),t>r&&(l=n)),f=e.gridheight[l]||e.gridheight[0]||e.gridheight,s=e.gridwidth[l]||e.gridwidth[0]||e.gridwidth,h=i/s,h=h>1?1:h,f=Math.round(h*f),"fullscreen"==e.sliderLayout){var u=(e.c.width(),jQuery(window).height());if(void 0!=e.fullScreenOffsetContainer){var c=e.fullScreenOffsetContainer.split(",");if (c) jQuery.each(c,function(e,i){u=jQuery(i).length>0?u-jQuery(i).outerHeight(!0):u}),e.fullScreenOffset.split("%").length>1&&void 0!=e.fullScreenOffset&&e.fullScreenOffset.length>0?u-=jQuery(window).height()*parseInt(e.fullScreenOffset,0)/100:void 0!=e.fullScreenOffset&&e.fullScreenOffset.length>0&&(u-=parseInt(e.fullScreenOffset,0))}f=u}else void 0!=e.minHeight&&f<e.minHeight&&(f=e.minHeight);e.c.closest(".rev_slider_wrapper").css({height:f}) }catch(d){console.log("Failure at Presize of Slider:"+d)} };</script> <style type="text/css" data-type="vc_shortcodes-custom-css">.vc_custom_1465975762081{background-color: #ffffff !important;}.vc_custom_1527604447009{padding-top: 30px !important;}.vc_custom_1527604355495{padding-top: 30px !important;padding-bottom: 30px !important;}</style><noscript><style> .wpb_animate_when_almost_visible { opacity: 1; }</style></noscript>    <link rel="apple-touch-icon" sizes="44x44" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-44x44.png"/> <link rel="apple-touch-icon" sizes="72x72" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-72x72.png"/> <link rel="apple-touch-icon" sizes="76x76" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-76x76.png"/> <link rel="apple-touch-icon" sizes="114x114" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-114x114.png"/> <link rel="apple-touch-icon" sizes="144x144" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-144x144.png"/> <link rel="apple-touch-icon" sizes="120x120" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-120x120.png"/> <link rel="apple-touch-icon" sizes="152x152" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-152x152.png"/> <link rel="apple-touch-icon" sizes="180x180" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-180x180.png"/> <link rel="icon" type="image/vnd.microsoft.icon" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/favicon-196x196.png"/> <link rel="shortcut icon" type="image/vnd.microsoft.icon" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/favicon-196x196.png"/>   <link rel="icon" sizes="120x120" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-120x120.png"/> <link rel="icon" sizes="192x192" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/atos-bookmark-icon-192x192.png"/> <link rel="icon" type="image/vnd.microsoft.icon" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/favicon.ico"/> <link rel="shortcut icon" type="image/vnd.microsoft.icon" href="https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/themes/unify/images/favicons/favicon.ico"/> <script type="text/javascript"> var home_url = '/en/home'; var logo_fixed=false; var logo_new=false; var post_type="page"; if (typeof ld !== "undefined") ld.init([{"id":"br","url":"\/br\/","menus":[],"local_social_icons":true,"bc":[{"bc_pt":"post","bc_l1_name":"Imprensa","bc_l1_url":"pt-br\/brasil\/imprensa-brasil","bc_l2_name":"","bc_l2_url":""}]},{"id":"zz","url":"\/zz\/","menus":[],"local_social_icons":false,"bc":false},{"id":"fr","url":"\/fr\/","menus":["institutional"],"local_social_icons":true,"bc":[{"bc_pt":"post","bc_l1_name":"Newsroom","bc_l1_url":"\/fr\/news","bc_l2_name":"","bc_l2_url":""}]},{"id":"de","url":"\/de\/","menus":["institutional","header","footer"],"local_social_icons":true,"bc":[{"bc_pt":"post","bc_l1_name":"Newsroom","bc_l1_url":"\/de\/news","bc_l2_name":"","bc_l2_url":""}]},{"id":"it","url":"\/it\/","menus":[],"local_social_icons":false,"bc":[{"bc_pt":"post","bc_l1_name":"Area stampa","bc_l1_url":"\/it\/italia\/newsroom-it","bc_l2_name":"","bc_l2_url":""}]},{"id":"ru","url":"\/ru\/","menus":[],"local_social_icons":false,"bc":[{"bc_pt":"post","bc_l1_name":"\u041f\u0440\u0435\u0441\u0441-\u0446\u0435\u043d\u0442\u0440","bc_l1_url":"\/ru\/russia\/newsroom-ru","bc_l2_name":"","bc_l2_url":""}]},{"id":"es","url":"\/es\/","menus":[],"local_social_icons":true,"bc":[{"bc_pt":"post","bc_l1_name":"Sala de prensa","bc_l1_url":"\/es\/spain\/sala-de-prensa","bc_l2_name":"","bc_l2_url":""}]}]); var icl_lang = 'en'; if (typeof ld !== "undefined") ld.localNavPre(); </script> <script type="application/ld+json" id="bc_json"> { "@context": "https://web.archive.org/web/20210420191857/http://schema.org", "@type": "BreadcrumbList", "itemListElement": [ { "@type": "ListItem", "position": 1, "item": { "@id": "https://web.archive.org/web/20210420191857/https://unify.com/en/", "name": "Home" } }, { "@type": "ListItem", "position": 2, "item": { "@id": "https://web.archive.org/web/20210420191857/https://unify.com/en/support", "name": "Support" } }, { "@type": "ListItem", "position": 3, "item": { "@id": "https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories", "name": "Security Advisories and Security Notes" } } ] } </script> </head> <body class="page_content page_security-advisories wpb-js-composer"> <header class="header"> <div class="wrapper"> <div class="header__pre cf"> <style> .mail_icon { background: url(/web/20210420191857im_/https://unify.com/assets/mail-icon.png) #0066a1 center center no-repeat; background-size: 16px 12px; } </style><ul class="header__pre-external"> <li class="networks-list__icon mail_icon"><a href="/web/20210420191857/https://unify.com/en/contact-us">Mail</a></li> <li class="networks-list__icon twitter"><a href="https://web.archive.org/web/20210420191857/https://twitter.com/AtosUnify" target="_blank">Twitter</a></li> <li class="networks-list__icon linkedin"><a href="https://web.archive.org/web/20210420191857/http://www.linkedin.com/company/UnifyCo" target="_blank">Linkedin</a></li> <li class="networks-list__icon facebook"><a href="https://web.archive.org/web/20210420191857/https://www.facebook.com/AtosUnify" target="_blank">Facebook</a></li> <li class="networks-list__icon instagram"><a href="https://web.archive.org/web/20210420191857/https://www.instagram.com/AtosUnify" target="_blank">FInstagram</a></li> </ul> <ul class="header__pre-language"> <li class="lang-selector parentmenu"> <span>en</span> <ul class="submenu lang-selector__list"><li><a href="javascript:switchLang('https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories');">English</a></li><li><a href="javascript:switchLang('https://web.archive.org/web/20210420191857/https://unify.com/fr/assistance/security-advisories');">Fran莽ais</a></li><li><a href="javascript:switchLang('https://web.archive.org/web/20210420191857/https://unify.com/de/support/security-advisories');">Deutsch</a></li><li><a href="javascript:switchLang('https://web.archive.org/web/20210420191857/https://unify.com/es/asistencia/security-advisories');">Espa帽ol</a></li><li><a href="javascript:switchLang('https://web.archive.org/web/20210420191857/https://unify.com/br/supporte/security-advisories');">Portugu锚s</a></li></ul> <script type="text/javascript"> function switchLang(url) { try { ld.setCookie("local_country", '', -1); window.location.href = url; } catch (err) { } } </script> </li> </ul> </div> <div class="header__main cf"> <div class="header__main-logo"> <a href="https://web.archive.org/web/20210420191857/https://unify.com/en"><img src="/web/20210420191857im_/https://unify.com/assets/unify-composite-144-46.png" alt="Unify"></a> </div> <nav class="header__main-nav"><span class="icon__menu"></span> <ul class="header__main-menu"> <li class="megamenu" lang="en"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions">Solutions</a><div class="submenu"><div class="grid-row"><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions/voice-platforms"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/conversations-icon-150x150.png" alt="Voice Platforms"></span><span class="submenu__item">Voice Platforms</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions/applications"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/unified-communications-icon-150x150.png" alt="Applications"></span><span class="submenu__item">Applications</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions/contact-centers"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/agent-icon-150x150.png" alt="Contact Centers"></span><span class="submenu__item">Contact Centers</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions/phones-and-clients"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/deskphone-icon-150x150.png" alt="Phones and Clients"></span><span class="submenu__item">Phones and Clients</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions/small-and-medium-businesses"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/openscape-business-icon-150x150.png" alt="Small and Medium Businesses"></span><span class="submenu__item">Small and Medium Businesses</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/solutions/time-critical-communications"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/presence-icon-150x150.png" alt="Time Critical Communications"></span><span class="submenu__item">Time Critical Communications</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://atos.net/en/lp/unifyoffice" target="_new"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/team-collab-icon-150x150.png" alt="Team Collaboration"></span><span class="submenu__item">Team Collaboration</span><span class="submenu__flag"></span></a></li></ul></div></div></li><li class="megamenu" lang="en"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/thought-leadership">Thought Leadership</a><div class="submenu"><div class="grid-row"><ul class="grid-col-3"></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/unify-blog"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/chat-icon-150x150.png" alt="Blog"></span><span class="submenu__item">Blog</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/news"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/script-icon-150x150.png" alt="Newsroom"></span><span class="submenu__item">Newsroom</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/success-stories"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/expertise-icon-150x150.png" alt="Success Stories"></span><span class="submenu__item">Success Stories</span><span class="submenu__flag"></span></a></li></ul></div></div></li><li class="megamenu" lang="en"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners">Partners</a><div class="submenu"><div class="grid-row"><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/partner-network"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/globe-icon-150x150.png" alt="Partner Network"></span><span class="submenu__item">Partner Network</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/strategic-partners"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/partners-icon-150x150.png" alt="Strategic Alliances"></span><span class="submenu__item">Strategic Alliances</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/partner-registration"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/value-management-icon-150x150.png" alt="Become a Partner"></span><span class="submenu__item">Become a Partner</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/distributor"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/managed-applications-icon-150x150.png" alt="Distributor"></span><span class="submenu__item">Distributor</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/service-provider"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/openscape-services-icon-150x150.png" alt="Service Provider"></span><span class="submenu__item">Service Provider</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/technology-partners"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/software-icon-150x150.png" alt="Technology Partners"></span><span class="submenu__item">Technology Partners</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/value-added-reseller"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/reporting-icon-150x150.png" alt="Value Added Reseller"></span><span class="submenu__item">Value Added Reseller</span><span class="submenu__flag"></span></a></li><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/find-a-distributor"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/transformation-icon-150x150.png" alt="Find a Distributor"></span><span class="submenu__item">Find a Distributor</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/find-a-partner"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/mobility-icon-150x150.png" alt="Find a Partner"></span><span class="submenu__item">Find a Partner</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://partnerdialog.unify.com/portal/tecpartner/" target="_new"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/softswitch-icon-150x150.png" alt="Technology Partners Extranet"></span><span class="submenu__item">Technology Partners Extranet</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/partners/partner-portal"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2016/06/tools-icon-150x150.png" alt="Partner Portal"></span><span class="submenu__item">Partner Portal</span><span class="submenu__flag"></span></a></li></ul></div></div></li><li class="megamenu" lang="en"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/support">Support</a><div class="submenu"><div class="grid-row"><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/support/customer-support-portal"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/pc-icon-150x150.png" alt="Customer Support Portal"></span><span class="submenu__item">Customer Support Portal</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/unify-estore"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/07/estore-icon-150x150.png" alt="Unify eStore"></span><span class="submenu__item">Unify eStore</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/support/security-advisories"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/intrusion-prevention-icon-150x150.png" alt="Security Advisories"></span><span class="submenu__item">Security Advisories</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/http://wiki.unify.com/wiki/Overview" target="_new"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/script-icon-150x150.png" alt="Experts Wiki"></span><span class="submenu__item">Experts Wiki</span><span class="submenu__flag"></span></a></li></ul></div></div></li><li class="megamenu" lang="en"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/about-us">About Us</a><div class="submenu"><div class="grid-row"><ul class="grid-col-3"></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/about-us/what-we-do"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/digital-transformation-icon-150x150.png" alt="What we do"></span><span class="submenu__item">What we do</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/about-us/green-enterprise"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/05/entrepreneurship-icon-150x150.png" alt="Green Enterprise"></span><span class="submenu__item">Green Enterprise</span><span class="submenu__flag"></span></a></li></ul><ul class="grid-col-3"><li><a href="https://web.archive.org/web/20210420191857/https://atos.net/en/about-us/company-profile" target="_new"><span class="submenu__icon"><img class="lazymenu" src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/loader.svg" data-src="https://web.archive.org/web/20210420191857/https://unify.com/wp-content/uploads/2018/04/headquarters-icon-150x150.png" alt="Atos Company Profile"></span><span class="submenu__item">Atos Company Profile</span><span class="submenu__flag"></span></a></li></ul></div></div></li> </ul> </nav> <div class="header__main-atos"> <img src="/web/20210420191857im_/https://unify.com/wp-content/themes/atos/images/atos-logo-menu-bar.png" alt="Atos logo"> </div> <div class="header__main-search"> <div class="header__main-search__wrapper"> <form id="form__global-search" action="https://web.archive.org/web/20210420191857/https://unify.com/en"> <label for="s">Global Search</label> <input id="s" class="global-search__field" type="text" name="s" placeholder="Global Search"/> <button type="submit">Search</button><input type="hidden" id="popState" value="0"/> </form> </div> </div> </div> <div class="breadcrumb"> <span><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/">Home</a> / </span> <span><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/support">Support</a> / </span> <span class="breadcrumb_last">Security Advisories and Security Notes</span> </div> </div>  <script type="text/javascript"> function cp_s1() { // Begin Google Analytics var e = document.createElement('script'); m = document.getElementsByTagName('script')[0]; e.async = 1; e.src = '/wp-content/themes/unify/js/ga-atos.js'; m.parentNode.insertBefore(e, m); } function cp_s2() { //Pardot piCId = '20467'; piAId = '468241'; piHostname = 'pi.pardot.com'; (function() { function async_load(){ var s = document.createElement('script'); s.type = 'text/javascript'; s.src = ('https:' == document.location.protocol ? 'https://web.archive.org/web/20210420191857/https://pi' : 'https://web.archive.org/web/20210420191857/http://cdn') + '.pardot.com/pd.js'; var c = document.getElementsByTagName('script')[0]; c.parentNode.insertBefore(s, c); } if(window.attachEvent) { window.attachEvent('onload', async_load); } else { window.addEventListener('load', async_load, false); } })(); //Oktopost (function(a, b, c, d, e, m) { a['OktopostTrackerObject'] = d; a[d] = a[d] || function() { (a[d].q = a[d].q || []).push(arguments); }; e = b.createElement('script'); m = b.getElementsByTagName('script')[0]; e.async = 1; e.src = ('https:' === document.location.protocol ? 'https://' : 'http://') + c; m.parentNode.insertBefore(e, m); })(window, document, 'static.oktopost.com/oktrk.js', '_oktrk'); _oktrk('create', '0016lcrx1l5gc8w'); //Adform window._adftrack = Array.isArray(window._adftrack) ? window._adftrack : (window._adftrack ? [window._adftrack] : []); window._adftrack.push({ pm: 775617 }); (function () { var s = document.createElement('script'); s.type = 'text/javascript'; s.async = true; s.src = 'https://web.archive.org/web/20210420191857/https://track.adform.net/serving/scripts/trackpoint/async/'; var x = document.getElementsByTagName('script')[0]; x.parentNode.insertBefore(s, x); })(); //Demandbase (function(d,b,a,s,e){ var t = b.createElement(a), fs = b.getElementsByTagName(a)[0]; t.async=1; t.id=e; t.src=s; fs.parentNode.insertBefore(t, fs); }) (window,document,'script','https://web.archive.org/web/20210420191857/https://scripts.demandbase.com/eb7c61ae.min.js','demandbase_js_lib'); // MRP Unify.com $(document.body).append("<img src=\"https://j.mrpdata.net/u.gif?g=eiw1KBB4aZ038b+2KYwivbql05mHDGtCQ/CBGEa4Reg=&pd=eyJ3ZWJ0cmFja2VyIjoiMi4wIn3e4bPXaJOLfs6WjnYOMJNA\" referrerpolicy=\"unsafe-url\" width=\"1\" height=\"1\" alt=\"\"style=\"display:none;\">"); } function cp_s3() { } window.cp_hit = true; ; </script> <form id="cp" class="accepted"> <div class="grid-row"> <div class="grid-col-9 cp_disclaimer"> <p>Our website uses <a href="https://web.archive.org/web/20210420191857/https://unify.com/en/cookies">cookies</a> to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.<br> You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our <a href="https://web.archive.org/web/20210420191857/https://unify.com/en/privacy-policy">privacy policy</a>.</p> <fieldset> <legend>Select cookie policy level</legend> <label for="cp_l0"> <input id="cp_l0" type="checkbox" disabled="disabled" checked="checked"> <span class="cp_t"></span>Necessary </label> <label for="cp_l1"> <input id="cp_l1" type="checkbox"> <span class="cp_t"></span>Statistics </label> <label for="cp_l2"> <input id="cp_l2" type="checkbox"> <span class="cp_t"></span>Marketing </label> <label for="cp_l3" style="visibility:hidden;display:none;"> <input id="cp_l3" type="checkbox"> <span class="cp_t"></span>Social Media </label> <button id="cp_selected">Accept selection</button> </fieldset> </div> <div class="grid-col-3 cp_link"> <button id="cp_accept">Accept all cookies</button> <button id="cp_decline">Decline all cookies</button> <a class="button" href="https://web.archive.org/web/20210420191857/https://unify.com/en/privacy-policy">Privacy policy</a> </div> </div> </form> </header> <script type="text/javascript"> if (typeof ld !== 'undefined') { ld.cookiePolicy(false); if (ld.navLang !== "") {ld.bc();ld.localNavHeader();} } </script> <main role="main"> <section class="section page"> <header class="page__header--large "><div class="page__header-image cf" style="background-image:url(https://web.archive.org/web/20210420191857im_/https://unify.com/wp-content/uploads/2018/05/security-advisory-hero.jpg);"><div class="page__header-grad"><div class="grid-row"><div class="grid-offset-6 grid-col-6"><div class="header__banner-cta"> <h1 id="pageTitle" class="">Security Advisories</h1> <h2 class="header__banner-subtitle">Vulnerability Intelligence Process</h2> </div></div></div></div></div></header><div data-vc-full-width="true" data-vc-full-width-init="false" class="section vc_custom_1465975762081 fullwidth"></div><div class="vc_row-full-width"></div><div class="section experts_block"><div class="grid-row"><div class="grid-col-12"><h1 class="title_greenline">Product Security Advisories and Security Notes</h1> <div class="subrow"><div class="grid-col-12"><div class="vc_column-inner"><div class="wpb_wrapper"><h3 style="text-align: left;">The Product Security Team of Atos Unify publishes Security Advisories and associated notes as part of Atos Unify’s Vulnerability Intelligence Process.</h3> <p>Security Advisories are published to address security issues in Atos Unify products and how to mitigate or solve them.</p> <p><strong><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/Security_Policy_Vulnerability_Intelligence_Process.pdf" target="_blank" rel="noopener">Find more information in the associated Security Policy – Vulnerability Intelligence Process</a></strong></p> <p>Subscribe to receive e-mail notifications for new or updated Unify Product Security Advisories and Security Notes by sending an email to <a href="https://web.archive.org/web/20210420191857/mailto:obso@atos.net">obso@atos.net</a></p> </div></div></div></div></div></div></div><div class="section"><div class="grid-row"><div class="grid-col-12"><div class="subrow"><div class="grid-col-12"><div class="vc_column-inner"><div class="wpb_wrapper"><h2>List of Security Advisories</h2> </div></div></div></div><div class="subrow"><div class="grid-col-12"><div class="vc_column-inner"><div class="wpb_wrapper"><table align="left"> <tbody> <tr> <td><strong>Advisory ID</strong></td> <td><strong>Title </strong></td> <td><strong>Risk Level </strong></td> <td><strong>Release Date </strong></td> <td><strong>Last Update</strong></td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2103-01.pdf" target="_blank" rel="noopener">OBSO-2103-01</a></td> <td>OpenSSL Remote Denial of Service vulnerability (CVE-2021-3449)</td> <td>聽high</td> <td>2021-03-31</td> <td>2021-03-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2102-01.pdf" target="_blank" rel="noopener">OBSO-2102-01</a></td> <td>Sudo Buffer Overflow Vulnerability (CVE-2021-3156)</td> <td>聽high</td> <td>2021-02-04</td> <td>2021-02-23</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2101-02.pdf" target="_blank" rel="noopener">OBSO-2101-02</a></td> <td>OpenScape Business S – WAN Interface Vulnerability</td> <td>聽high</td> <td>2021-01-19</td> <td>2021-01-19</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2101-01.pdf" target="_blank" rel="noopener">OBSO-2101-01</a></td> <td>Amnesia:33 – Impact on Atos Unify Products</td> <td>medium to low</td> <td>2021-01-08</td> <td>2021-01-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2011-01.pdf" target="_blank" rel="noopener">OBSO-2011-01</a></td> <td>Input validation vulnerability within OpenScape 4000 Assistant/Manager</td> <td>high</td> <td>2020-11-05</td> <td>2020-11-05</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2009-01.pdf" target="_blank" rel="noopener">OBSO-2009-01</a></td> <td>SSH configuration vulnerability within OpenScape 4000</td> <td>medium</td> <td>2020-09-08</td> <td>2021-04-14</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2006-02.pdf" target="_blank" rel="noopener">OBSO-2006-02</a></td> <td>OpenScape 4000 Assistant vulnerabilities</td> <td>medium</td> <td>2020-06-10</td> <td>2020-06-10</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2006-01.pdf" target="_blank" rel="noopener">OBSO-2006-01</a></td> <td>Input validation vulnerability within OpenScape Business</td> <td>high</td> <td>2020-06-02</td> <td>2020-06-05</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2003-02.pdf" target="_blank" rel="noopener">OBSO-2003-02</a></td> <td>GhostCat. Apache Tomcat Unspecified Local File Inclusion. (CVE-2020-1938)</td> <td>high</td> <td>2020-03-12</td> <td>2020-04-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2003-01.pdf" target="_blank" rel="noopener">OBSO-2003-01</a></td> <td>Apache Log4j SocketServer Class Log Data Handling Insecure Deserialization<br/> Remote Code Execution (CVE-2019-17571)</td> <td>info</td> <td>2020-03-03</td> <td>2020-03-13</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-2002-01.pdf" target="_blank" rel="noopener">OBSO-2002-01</a></td> <td>OpenScape UC – Multiple vulnerabilities</td> <td>medium</td> <td>2020-02-17</td> <td>2020-02-17</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1911-02.pdf" target="_blank" rel="noopener">OBSO-1911-02</a></td> <td>Sudo: Privilege escalation via potential bypass of Runas user restrictions (CVE-2019-14287)</td> <td>info</td> <td>2019-11-08</td> <td>2019-11-19</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1911-01.pdf" target="_blank" rel="noopener">OBSO-1911-01</a></td> <td>Impact of Microsoft Advisory ADV190023 for Unify Customers (Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing)</td> <td>info</td> <td>2019-11-06</td> <td>2020-06-10</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1908-01.pdf" target="_blank" rel="noopener">OBSO-1908-01</a></td> <td>VxWorks TCP/IP Network Stack (IPnet, Urgent/11) (CVE-2019-12256 to CVE-2019-12265)</td> <td>info</td> <td>2019-08-14</td> <td>2019-08-14</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1906-01.pdf" target="_blank" rel="noopener">OBSO-1906-01</a></td> <td>TCP SACK PANIC -Linux Kernel vulnerabilities (CVE-2019-11477, CVE-2019-11478, CVE -2019-11479, CVE-2019-5599)</td> <td>medium to high</td> <td>2019-06-21</td> <td>2019-12-17</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1905-02.pdf" target="_blank" rel="noopener">OBSO-1905-02</a></td> <td>Microsoft Windows Remote Desktop Services RDP Connection Request Handling<br/> Remote Code Execution (CVE-2019-0708)</td> <td>high</td> <td>2019-05-16</td> <td>2019-05-17</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1905-01.pdf" target="_blank" rel="noopener">OBSO-1905-01</a></td> <td>Apache Tomcat for Windows CGI Servlet Command Line Argument Handling Remote Code Execution (CVE-2019-0232)</td> <td>high</td> <td>2019-05-07</td> <td>2019-06-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1904-01.pdf" target="_blank" rel="noopener">OBSO-1904-01</a></td> <td>Elasticsearch Improper Permissions Name Indexing Remote Privilege Escalation (CVE-2019-7611)</td> <td>medium</td> <td>2019-04-25</td> <td>2019-04-25</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1903-02.pdf" target="_blank" rel="noopener">OBSO-1903-02</a></td> <td>OpenScape Desk Phones HFA and SIP CSRF and Privilege Escalation vulnerabilities</td> <td>medium</td> <td>2019-03-13</td> <td>2019-08-23</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1903-01.pdf" target="_blank" rel="noopener">OBSO-1903-01</a></td> <td>Google WebRTC RTCPeerConnection Object Handling Use-after-free Arbitrary Code Execution (CVE-2019-6211)</td> <td>medium</td> <td>2019-03-04</td> <td>2019-03-04</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1812-01.pdf" target="_blank" rel="noopener">OBSO-1812-01</a></td> <td>Spring Framework ResourceHttpRequestHandler Remote DoS (CVE-2018-15756)</td> <td>low</td> <td>2018-12-13</td> <td>2018-12-13</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1810-01.pdf" target="_blank" rel="noopener">OBSO-1810-01</a></td> <td>Chinese spy chips in Supermicro servers</td> <td>low</td> <td>2018-10-08</td> <td>2018-12-14</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1808-01.pdf" target="_blank" rel="noopener">OBSO-1808-01</a></td> <td>Faxploit: DEF CON 2018: HP OfficeJet Printer Attack (CVE-2018-5925,CVE-2018-5924)</td> <td>low</td> <td>2018-08-22</td> <td>2018-08-22</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1807-01.pdf" target="_blank" rel="noopener">OBSO-1807-01</a></td> <td>OpenScape Business Root Access</td> <td>high</td> <td>2018-07-30</td> <td>2018-07-30</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1806-03.pdf" target="_blank" rel="noopener">OBSO-1806-03</a></td> <td>Zip Slip (CVE-2018-8009)</td> <td>medium</td> <td>2018-06-28</td> <td>2018-10-18</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1806-02.pdf" target="_blank" rel="noopener">OBSO-1806-02</a></td> <td>Electron Custom Protocol Handler Processing Arbitrary Command Injection (CVE-2018-1000006, CVE-2018-1000118)</td> <td>medium</td> <td>2018-06-28</td> <td>2018-06-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1806-01.pdf" target="_blank" rel="noopener">OBSO-1806-01</a></td> <td>Electron webview Options Object Remote Node.js Integration Manipulation (CVE-2018-1000136)</td> <td>medium</td> <td>2018-06-05</td> <td>2018-06-05</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1805-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1805-01</a></td> <td>Spring Framework spring-messaging Module Message Handling Remote Code Execution (CVE-2018-1270, CVE-2018-1275)</td> <td>high</td> <td>2018-05-24</td> <td>2018-06-01</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1801-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1801-01</a></td> <td>Intel processor flaw: Meltdown and Spectre vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)</td> <td>medium</td> <td>2018-01-04</td> <td>2019-06-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1712-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1712-01</a></td> <td>OpenStage and OpenScape Desk Phones: Web Based Management pages access without<br/> admin password</td> <td>medium</td> <td>2017-12-13</td> <td>2017-12-13</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1711-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1711-01</a></td> <td>WPA2 Protocol Four-way Handshake Handling MitM Issue (KRACK attack)</td> <td>medium</td> <td>2017-11-03</td> <td>2018-02-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1710-01.pdf">OBSO-1710-01</a></td> <td>Linux Kernel bluetooth Remote Stack Buffer Overflow (BlueBorne) (CVE-2017-1000251)</td> <td>medium</td> <td>2017-10-06</td> <td>2017-11-03</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1709-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1709-02</a></td> <td>RTPproxy NAT Functionality RTP Traffic Handling Remote Packet Disclosure (RTP Bleed)<br/> (CVE-2017-14114)</td> <td>info</td> <td>2017-09-28</td> <td>2017-09-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1709-01.pdf">OBSO-1709-01</a></td> <td>curl / libcurl Function TFTP File Name Handling Out-of-bounds Read Issue (CVE-2017-1000100)</td> <td>info</td> <td>2017-09-21</td> <td>2017-09-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1708-01.pdf">OBSO-1708-01</a></td> <td>Linux Kernel Stack Guard Page Security Feature Bypass Weakness (CVE-2017-1000364)</td> <td>medium</td> <td>2017-08-02</td> <td>2020-02-06</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1704-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1704-01</a></td> <td>Microsoft Patchday March 2017: Microsoft Windows SMB Remote Code Execution vulnerabilities</td> <td>high</td> <td>2017-04-28</td> <td>2017-05-09</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1703-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1703-02</a></td> <td>Apache Struts2 Jakarta Multipart Parser File Upload Remote Code Execution (CVE 2017-5638)</td> <td>info</td> <td>2017-03-31</td> <td>2018-10-12</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1703-01.pdf">OBSO-1703-01</a></td> <td>CIA Hack of Siemens/ Unify telephones</td> <td>Info</td> <td>2017-03-14</td> <td>2017-03-14</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1701-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1701-01</a></td> <td>SHA-1 certificates: depreciation in 2017</td> <td>info</td> <td>2017-01-03</td> <td>2017-01-03</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1611-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1611-01</a></td> <td>Dirty Cow: Linux Kernel MAP_PRIVATE COW Flag Breakage Race Condition (CVE-2016-5195)</td> <td>medium</td> <td>2016-11-07</td> <td>2018-06-01</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1610-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1610-03</a></td> <td>Leap Second on 2016-12-31 – Security Note for Unify Products</td> <td>medium</td> <td>2016-10-27</td> <td>2016-10-27</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1610-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1610-02</a></td> <td>ISC BIND Nameserver Denial of Service Vulnerabilities (CVE-2016-2776, CVE-2016-2848)</td> <td>medium</td> <td>2016-10-25</td> <td>2016-10-25</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1610-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1610-01</a></td> <td>OpenScape Xpressions – Information Exposure Vulnerability Through HTTP GET Method at Web Assistant Interface</td> <td>medium</td> <td>2016-10-18</td> <td>2016-10-18</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1607-01.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1607-01</a></td> <td>httpoxy: A CGI Application Vulnerability Affecting Multiple Web Application Languages and Services</td> <td>info</td> <td>2016-07-21</td> <td>2016-07-27</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1603-02.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1603-02</a></td> <td>DROWN: Breaking TLS using SSLv2 (CVE-2016-0800)</td> <td>info</td> <td>2016-03-02</td> <td>2016-10-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1603-01.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1603-01</a></td> <td>Unify SLES 11-based Server Applications – Support of SLES 11 SP4</td> <td>info</td> <td>2016-03-01</td> <td>2016-03-01</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1602-02.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1602-02</a></td> <td>Glibc libresolv – Stack-based Buffer Overflow Vulnerability (CVE-2015-7547)</td> <td>high</td> <td>2016-02-19</td> <td>2016-04-29</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1602-01.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1602-01</a></td> <td>OpenScape Accounting Management – Virus Alert in Installation Procedure</td> <td>info</td> <td>2016-02-05</td> <td>2016-09-29</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1601-01.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1601-01</a></td> <td>OpenSSH Client Information Leak Vulnerability (CVE-2016-0777)</td> <td>low</td> <td>2016-01-26</td> <td>2016-04-04</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1512-04.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1512-04</a></td> <td>Apache Tomcat Denial of Service Vulnerability in ChunkedInputFilter (CVE-2014-0227)</td> <td>medium</td> <td>2015-12-30</td> <td>2016-01-22</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1512-03.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1512-03</a></td> <td>OpenSSH Login Handling Security Bypass Vulnerability (CVE-2015-5600)</td> <td>medium</td> <td>2015-12-30</td> <td>2016-10-25</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1512-02.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1512-02</a></td> <td>Multiple Unify Products – TLS Denial of Service Vulnerability in OpenSSL Certificate Verification (CVE-2015-3194)</td> <td>medium</td> <td>2015-12-23</td> <td>2018-03-27</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1512-01.pdf" target="_blank" rel="noopener noreferrer"> OBSO-1512-01</a></td> <td>OpenScape Voice – MTLS-SIP Denial of Service Vulnerability in OpenSSL Certificate Verification (CVE-2015-0286)</td> <td>medium</td> <td>2015-12-23</td> <td>2015-12-23</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1511-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1511-02</a></td> <td>Non-unique X.509 certificates in OpenStage / OpenScape Desk Phone IP (CVE-2015-8251)</td> <td>medium</td> <td>2015-11-30</td> <td>2015-11-30</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1511-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1511-01</a></td> <td>Deserialisation of Java-objects – Vulnerability in Applications involving Apache Commons-Collections Classes (CVE-2015-8237, CVE-2015-8238)</td> <td>high</td> <td>2015-11-17</td> <td>2016-01-22</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1510-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1510-01</a></td> <td>OpenScape Xpressions – unauthorized external calls via guest access (CVE-2015-7693)</td> <td>medium</td> <td>2015-10-26</td> <td>2016-05-13</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1508-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1508-02</a></td> <td>OpenStage 60 / OpenScape Desk Phone IP 55G – Local service exposure vulnerability (CVE-2015-5391)</td> <td>medium</td> <td>2015-08-13</td> <td>2015-08-13</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1508-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1508-01</a></td> <td>OpenScape Contact Center CDSS – Multiple vulnerabilities fixed in V8 R2.10.11192</td> <td>medium</td> <td>2015-08-05</td> <td>2015-08-05</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1505-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1505-03</a></td> <td>OpenScape UC Web Client and Desktop Client – Cross-Site Scripting (XSS) Vulnerability</td> <td>medium</td> <td>2015-05-22</td> <td>2015-05-22</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1505-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1505-02</a></td> <td>OpenStage / OpenScape Desk Phone IP – HTTP header parsing vulnerability (CVE-2014-9708)</td> <td>medium</td> <td>2015-05-08</td> <td>2015-08-13</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1505-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1505-01</a></td> <td>Leap Second on 2015-06-30 – Security Note for Unify Products</td> <td>info</td> <td>2015-05-21</td> <td>2015-05-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1503-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1503-02</a></td> <td>Samba smbd – Remote Code Execution Vulnerability in netlogon server (CVE-2015-0240)</td> <td>high</td> <td>2015-03-31</td> <td>2015-03-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1503-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1503-01</a></td> <td>OpenScape SBC V8 – SIP Authentication Bypass Vulnerability (CVE-2015-2057)</td> <td>high</td> <td>2015-03-03</td> <td>2015-03-24</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1501-04.pdf" target="_blank" rel="noopener noreferrer">OBSO-1501-04</a></td> <td>GNU glibc Remote Buffer Overflow Vulnerability in gethostbyname – “Ghost” (CVE-2015-0235)</td> <td>low</td> <td>2015-01-31</td> <td>2016-10-10</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1501-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1501-03</a></td> <td>OpenScape Business UC Suite – SQL Injection Vulnerability (CVE-2015-1183)</td> <td>high</td> <td>2015-01-27</td> <td>2015-01-27</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1501-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1501-02</a></td> <td>OpenStage / OpenScape Desk Phone IP – Input Validation Vulnerability via Web Interface<br/> (CVE-2014-9563)</td> <td>low</td> <td>2015-02-26</td> <td>2015-02-26</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1501-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1501-01</a></td> <td>OpenStage / OpenScape Desk Phone IP – Authentication Bypass Vulnerability in WPI Default Mode (CVE-2015-1184)</td> <td>high</td> <td>2015-01-20</td> <td>2015-03-24</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1412-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1412-03</a></td> <td>Hardening of the Intelligent Platform Management Interface (IPMI) on Unify Servers</td> <td>info</td> <td>2014-12-31</td> <td>2014-12-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1412-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1412-02</a></td> <td>NTP – Multiple Stack Based Buffer Overflow Vulnerabilities (CVE-2014-9295)</td> <td>medium</td> <td>2014-12-23</td> <td>2015-01-27</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1412-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1412-01</a></td> <td>Microsoft Windows Remote Code Execution Vulnerability in Schannel (“Winshock”, MS14-066, CVE-2014-6321)</td> <td>high</td> <td>2014-12-01</td> <td>2015-06-16</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1410-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1410-03</a></td> <td>OpenScape Business – Getting Root Access</td> <td>low</td> <td>2014-10-24</td> <td>2014-10-26</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1410-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1410-02</a></td> <td>SSL 3.0 “POODLE” vulnerability (CVE-2014-3566)</td> <td>low</td> <td>2014-10-17</td> <td>2014-10-17</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1410-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1410-01</a></td> <td>OpenStage / OpenScape Desk Phone IP – Authentication Bypass Vulnerability in web-based management (CVE-2014-7950)</td> <td>high</td> <td>2014-10-10</td> <td>2014-10-10</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1409-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1409-01</a></td> <td>Bash – Remote Command Injection Vulnerability “Shellshock” (CVE-2014-6271, CVE-2014 7169 et al.)</td> <td>high</td> <td>2014-09-27</td> <td>2015-07-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1408-04.pdf" target="_blank" rel="noopener noreferrer">OBSO-1408-04</a></td> <td>Java in Unify products – RSA private key timing attack vulnerability (CVE-2014-4244) and failure to validate public Diffie-Hellman parameters (CVE-2014-4263)</td> <td>low</td> <td>2014-08-26</td> <td>2015-08-21</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1408-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1408-03</a></td> <td>OpenScape Web Collaboration – Two Cross Site Scripting (XSS) vulnerabilities</td> <td>medium</td> <td>2014-08-25</td> <td>2014-08-25</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1408-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1408-02</a></td> <td>OpenScape Deployment Service – Hardening of the TLS-based Workpoint Interface</td> <td>info</td> <td>2014-08-22</td> <td>2015-01-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1408-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1408-01</a></td> <td>openSSL TLS Client Denial of Service vulnerability (CVE-2014-3509)</td> <td>low</td> <td>2014-08-12</td> <td>2014-09-26</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1407-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1407-03</a></td> <td>OpenStage / OpenScape Desk Phone IP – Information Exposure Vulnerability in web-based management</td> <td>medium</td> <td>2014-07-24</td> <td>2014-07-24</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1407-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1407-02</a></td> <td>HiPath 4000 V6 – Security Updates for the Gateway Web Interface</td> <td>medium</td> <td>2014-07-23</td> <td>2014-07-23</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1407-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1407-01</a></td> <td>NTP Distributed Reflection Denial-of-Service (DRDoS) attack via the monlist feature (CVE-2013-5211)</td> <td>medium</td> <td>2014-07-25</td> <td>2014-07-25</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/http://networks.unify.com/security/advisories/OBSO-1406-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1406-01</a></td> <td>openSSL ChangeCipherSpec Injection Vulnerability (CVE-2014-0224) and FLUSH+RELOAD Cache Side-channel Attack (CVE-2014-0076)</td> <td>medium</td> <td>2014-06-06</td> <td>2015-07-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1404-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1404-02</a></td> <td>openSSL “Heartbleed” Vulnerability (CVE-2014-0160)</td> <td>medium</td> <td>2014-04-11</td> <td>2014-05-02</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1404-02-A.pdf" target="_blank" rel="noopener noreferrer">OBSO-1404-02-A</a></td> <td>Impact of the “Heartbleed” vulnerability to third-party products (CVE-2014-0160)</td> <td>info</td> <td>2014-04-18</td> <td>2014-05-02</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1404-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1404-01</a></td> <td>OpenScape Deployment Service – Blind SQL Injection Vulnerability (CVE-2014-2652)</td> <td>medium</td> <td>2014-04-11</td> <td>2014-04-11</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1403-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1403-02</a></td> <td>OpenStage / OpenScape Desk Phone IP – Authentication Bypass Vulnerability in WPI Default Mode (CVE-2014-2651)</td> <td>high</td> <td>2014-03-28</td> <td>2014-03-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1403-01.pdf">OBSO-1403-01</a></td> <td>OpenStage / OpenScape Desk Phone IP (SIP) – OS command Injection Vulnerability in web-based management (CVE-2014-2650)</td> <td>high</td> <td>2014-03-28</td> <td>2014-03-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1402-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1402-01</a></td> <td>Mediatrix 4400 Series – Cross-site scripting (XSS) vulnerability (CVE-2014-1612)</td> <td>medium</td> <td>2014-02-07</td> <td>2014-02-07</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1401-05.pdf">OBSO-1401-05</a></td> <td>OpenScape UC Applications – Cross-site Scripting Vulnerability</td> <td>medium</td> <td>2014-01-31</td> <td>2014-01-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1401-04.pdf" target="_blank" rel="noopener noreferrer">OBSO-1401-04</a></td> <td>OpenScape Deployment Service – SQL Injection Vulnerability</td> <td>high</td> <td>2014-01-31</td> <td>2014-01-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1401-03.pdf">OBSO-1401-03</a></td> <td>HiPath 4000/OpenScape 4000 – Unauthenticated write access to file system</td> <td>medium</td> <td>2014-01-31</td> <td>2014-01-31</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1401-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1401-02</a></td> <td>Informational – Expiry of Default Root CA Certificate in OpenScape Solutions</td> <td>info</td> <td>2014-01-28</td> <td>2014-01-28</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1401-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1401-01</a></td> <td>OpenScape Voice V6 – Multiple Vulnerabilities in Operating System and Java Components</td> <td>medium</td> <td>2014-01-15</td> <td>2014-01-15</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1312-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1312-02</a></td> <td>OpenScape Voice Trace Manager – Multiple Vulnerabilities in PHP</td> <td>medium</td> <td>2013-12-20</td> <td>2013-12-20</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1312-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1312-01</a></td> <td>OpenStage HFA/SIP – Cross-site scripting vulnerability in web-based management</td> <td>medium</td> <td>2013-12-16</td> <td>2013-12-16</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1307-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1307-02</a></td> <td>OpenScape Branch/SBC – Nameserver vulnerabilities (CVE-2012-4244, CVE-2012-5166, CVE-2013-2266)</td> <td>high</td> <td>2013-07-26</td> <td>2013-07-26</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1307-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1307-01</a></td> <td>OpenScape Voice V7 R1 – Multiple Vulnerabilities in Operating System and Java Components</td> <td>high</td> <td>2013-07-24</td> <td>2013-12-06</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1306-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1306-02</a></td> <td>OpenStage Cloud Diagnostic Data Collector – PHP and Web Server Vulnerabilities (CVE-2013-1643, CVE-2012-3499)</td> <td>medium</td> <td>2013-06-17</td> <td>2013-06-17</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1306-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1306-01</a></td> <td>OpenScape Branch / OpenScape SBC – Multiple Web Interface Vulnerabilities</td> <td>high</td> <td>2013-06-12</td> <td>2013-11-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1305-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1305-01</a></td> <td>PostgreSQL Security Updates for Multiple Products (CVE-2013-1899)</td> <td>high</td> <td>2013-05-07</td> <td>2013-11-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1202-01.pdf">OBSO-1202-01</a></td> <td>Linux Kernel Privilege Escalation Vulnerability (CVE-2012-0056)</td> <td>info</td> <td>2012-02-01</td> <td>2013-11-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1108-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1108-02</a></td> <td>OpenScape UC Application – local access vulnerability via Web Client</td> <td>high</td> <td>2011-08-23</td> <td>2011-12-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1108-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1108-01</a></td> <td>OpenStage – password accessible in cleartext on webbased interface</td> <td>low</td> <td>2011-08-22</td> <td>2011-08-22</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1106-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1106-01</a></td> <td>Allied Telesis divulges secret backdoor</td> <td>info</td> <td>2011-06-07</td> <td>2013-11-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1011-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1011-01</a></td> <td>OpenStage – configuration data readable by unauthorized users</td> <td>medium</td> <td>2010-11-30</td> <td>2010-11-30</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1010-03.pdf" target="_blank" rel="noopener noreferrer">OBSO-1010-03</a></td> <td>Impact of the Stuxnet worm to Unify systems</td> <td>info</td> <td>2010-10-25</td> <td>2013-11-08</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1010-02.pdf" target="_blank" rel="noopener noreferrer">OBSO-1010-02</a></td> <td>Arbitrary code execution at Manager-E</td> <td>medium</td> <td>2010-10-15</td> <td>2010-10-26</td> </tr> <tr> <td><a href="https://web.archive.org/web/20210420191857/https://networks.unify.com/security/advisories/OBSO-1010-01.pdf" target="_blank" rel="noopener noreferrer">OBSO-1010-01</a></td> <td>Enabled VxWorks debug service</td> <td>high</td> <td>2010-10-15</td> <td>2010-10-15</td> </tr> </tbody> </table> </div></div></div></div></div></div></div> </section> </main> <footer class="footer"> <div class="footer__sub"> <ul class="footer__menu" lang="en"><li id="menu-item-172385" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-172385"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/contact-us">Contact Us</a></li> <li id="menu-item-177263" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-177263"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/cookies">Cookies</a></li> <li id="menu-item-173669" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-173669"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/privacy-policy">Privacy Policy</a></li> <li id="menu-item-188963" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-188963"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/california-privacy-rights">California Privacy Rights</a></li> <li id="menu-item-177273" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-177273"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/data-protection">Data Protection</a></li> <li id="menu-item-173115" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-173115"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/legal-information">Legal Information</a></li> <li id="menu-item-174223" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-174223"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/legal-information/modern-slavery-act">Slavery Statement</a></li> <li id="menu-item-12640" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-12640"><a href="https://web.archive.org/web/20210420191857/https://unify.com/en/terms-of-use">Terms of Use</a></li> <li>© Atos SE 2021 all rights reserved</li></ul> </div> </footer> <script type="text/javascript"> if (typeof ld !== "undefined") ld.localNavFooter(); </script> <script type="text/html" id="wpb-modifications"></script><script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/revslider-typewriter-addon/public/assets/js/revolution.addon.typewriter.min.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-includes/js/wp-embed.min.js"></script> <script type="text/javascript" src="https://web.archive.org/web/20210420191857js_/https://unify.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js"></script> <script type="text/javascript"> /* <![CDATA[ */ jQuery(document).ready( function($) { $("ul.nav-menu").not(":has(li)").hide().closest('div').hide(); }); /* ]]> */ </script></body> </html>