Skip to main content

Unityvsa Operating Environment

10 CVEs product

Monthly

CVE-2024-22229 MEDIUM This Month

Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-43082 MEDIUM This Month

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure VMware Dell Unity Operating Environment Unity Xt Operating Environment +1
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-43067 MEDIUM This Month

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43066 HIGH This Week

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43074 HIGH This Week

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-43065 MEDIUM This Month

Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2022-29085 MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-29084 CRITICAL Act Now

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-29091 MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment +1
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-21547 MEDIUM PATCH This Month

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
6.7
EPSS
0.1%
EPSS 0% CVSS 4.3
MEDIUM This Month

Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure VMware Dell +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure +3
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Unity Operating Environment +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy