Vulnerabilities > Dell > Unity Operating Environment

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-22224 OS Command Injection vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility.
local
low complexity
dell CWE-78
7.8
7.8
2024-02-12 CVE-2024-22225 OS Command Injection vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility.
local
low complexity
dell CWE-78
7.8
7.8
2024-02-12 CVE-2024-22226 Path Traversal vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility.
network
low complexity
dell CWE-22
6.5
6.5
2024-02-12 CVE-2024-22227 OS Command Injection vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility.
local
low complexity
dell CWE-78
7.8
7.8
2024-02-12 CVE-2024-22228 OS Command Injection vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility.
local
low complexity
dell CWE-78
7.8
7.8
2024-02-12 CVE-2024-22230 Cross-site Scripting vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability.
network
low complexity
dell CWE-79
5.4
5.4
2024-01-24 CVE-2024-22229 Improper Encoding or Escaping of Output vulnerability in Dell products
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker.
network
low complexity
dell CWE-116
4.3
4.3
2023-11-22 CVE-2023-43082 Improper Certificate Validation vulnerability in Dell products
Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component.
network
high complexity
dell CWE-295
5.9
5.9
2023-10-23 CVE-2023-43066 OS Command Injection vulnerability in Dell products
Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability.
local
low complexity
dell CWE-78
7.8
7.8
2023-10-23 CVE-2023-43067 XXE vulnerability in Dell products
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability.
network
low complexity
dell CWE-611
6.5
6.5