CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22223

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.5%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2024-22223

Dell » Unity Operating Environment » Version: N/A

cpe:2.3:a:dell:unity_operating_environment:-
Dell » Unity Operating Environment » Version: 5.0.7.0.5.008

cpe:2.3:a:dell:unity_operating_environment:5.0.7.0.5.008
Dell » Unity Operating Environment » Version: 5.2.0.0.5.173

cpe:2.3:a:dell:unity_operating_environment:5.2.0.0.5.173
Dell » Unity Operating Environment » Version: 5.3.0.0.5.120

cpe:2.3:a:dell:unity_operating_environment:5.3.0.0.5.120
Dell » Unity Operating Environment » Version: 5.4.0.0

cpe:2.3:a:dell:unity_operating_environment:5.4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22223

Products

Pricing

Contact Us