Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Jul 2025 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dell
Dell unity Operating Environment |
|
CPEs | cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:* | |
Vendors & Products |
Dell
Dell unity Operating Environment |
Fri, 28 Mar 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 28 Mar 2025 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges. | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: dell
Published: 2025-03-28T01:31:59.287Z
Updated: 2025-03-29T03:55:37.062Z
Reserved: 2024-10-16T05:04:26.796Z
Link: CVE-2024-49564

Updated: 2025-03-28T14:00:09.767Z

Status : Analyzed
Published: 2025-03-28T02:15:13.670
Modified: 2025-07-08T16:33:22.117
Link: CVE-2024-49564

No data.