CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29091

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. An Unauthenticated Remote Attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 56.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 4.3

References

Products affected by CVE-2022-29091

Dell » Unity Operating Environment » Version: N/A

cpe:2.3:a:dell:unity_operating_environment:-
Dell » Unity Operating Environment » Version: 5.0.7.0.5.008

cpe:2.3:a:dell:unity_operating_environment:5.0.7.0.5.008
Dell » Unity Xt Operating Environment » Version: N/A

cpe:2.3:a:dell:unity_xt_operating_environment:-
Dell » Unity Xt Operating Environment » Version: 5.0.7.0.5.008

cpe:2.3:a:dell:unity_xt_operating_environment:5.0.7.0.5.008
Dell » Unityvsa Operating Environment » Version: N/A

cpe:2.3:a:dell:unityvsa_operating_environment:-
Dell » Unityvsa Operating Environment » Version: 5.0.7.0.5.008

cpe:2.3:a:dell:unityvsa_operating_environment:5.0.7.0.5.008

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29091

Products

Pricing

Contact Us