Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Jul 2025 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dell
Dell unity Operating Environment |
|
CPEs | cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:* | |
Vendors & Products |
Dell
Dell unity Operating Environment |
Fri, 28 Mar 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 28 Mar 2025 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges. | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: dell
Published: 2025-03-28T02:19:41.497Z
Updated: 2025-03-29T03:55:28.876Z
Reserved: 2025-01-21T06:04:19.372Z
Link: CVE-2025-24386

Updated: 2025-03-28T15:24:32.374Z

Status : Analyzed
Published: 2025-03-28T03:15:18.620
Modified: 2025-07-08T16:32:16.767
Link: CVE-2025-24386

No data.