Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges.
References
Configurations
History
21 Nov 2024, 08:45
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities - Vendor Advisory |
15 Feb 2024, 16:55
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-78 | |
| First Time |
Dell
Dell unity Operating Environment |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| References | () https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities - Vendor Advisory | |
| CPE | cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:* |
12 Feb 2024, 20:39
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-12 19:15
Updated : 2024-11-21 08:45
NVD link : CVE-2024-0167
Mitre link : CVE-2024-0167
CVE.ORG link : CVE-2024-0167
JSON object : View
Products Affected
dell
- unity_operating_environment
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')