Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
                
            Metrics
Affected Vendors & Products
References
        History
                    Tue, 08 Jul 2025 16:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Dell Dell unity Operating Environment | |
| CPEs | cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:* | |
| Vendors & Products | Dell Dell unity Operating Environment | 
Fri, 28 Mar 2025 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 28 Mar 2025 02:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges. | |
| Weaknesses | CWE-78 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: dell
Published:
Updated: 2025-03-29T03:55:38.281Z
Reserved: 2024-10-16T05:04:26.795Z
Link: CVE-2024-49563
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-03-28T13:59:43.506Z
 NVD
                        NVD
                    Status : Undergoing Analysis
Published: 2025-03-28T02:15:13.510
Modified: 2025-07-08T16:25:00.350
Link: CVE-2024-49563
 Redhat
                        Redhat
                    No data.