Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading to exposure of sensitive information.
References
Configurations
History
21 Nov 2024, 08:55
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.5 |
| References | () https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities - Vendor Advisory |
16 Feb 2024, 13:40
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities - Vendor Advisory | |
| CWE | CWE-89 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| First Time |
Dell
Dell unity Operating Environment |
|
| CPE | cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:* |
12 Feb 2024, 20:39
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-12 19:15
Updated : 2024-11-21 08:55
NVD link : CVE-2024-22221
Mitre link : CVE-2024-22221
CVE.ORG link : CVE-2024-22221
JSON object : View
Products Affected
dell
- unity_operating_environment
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')