CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dell: >> Unity Operating Environment >> 5.3.0.0.5.120 Security Vulnerabilities

CVE-2024-0166

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges.

CVSS Score

7.8

EPSS Score

0.003

Published

2024-02-12

CVE-2024-22229

Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker could exploit this vulnerability to forge log entries, create false alarms, and inject malicious content into logs that compromise logs integrity. A malicious attacker could also prevent the product from logging information while malicious actions are performed or implicate an arbitrary user for malicious activities.

CVSS Score

3.1

EPSS Score

0.002

Published

2024-01-24

Page 5

Vulnerabilities

Vulnerable Software

Dell: >> Unity Operating Environment >> 5.3.0.0.5.120 Security Vulnerabilities

Products

Pricing

Contact Us