Vulnerability Details CVE-2024-22230
Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. An authenticated attacker could potentially exploit this vulnerability, stealing session information, masquerading as the affected user or carry out any actions that this user could perform, or to generally control the victim's browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.3%
CVSS Severity
CVSS v3 Score 6.4
References
- https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
Products affected by CVE-2024-22230
-
cpe:2.3:a:dell:unity_operating_environment:-
-
cpe:2.3:a:dell:unity_operating_environment:5.0.7.0.5.008
-
cpe:2.3:a:dell:unity_operating_environment:5.2.0.0.5.173
-
cpe:2.3:a:dell:unity_operating_environment:5.3.0.0.5.120
-
cpe:2.3:a:dell:unity_operating_environment:5.4.0.0