VYPR

UnityXT

by Dell

CVEs (63)

  • CVE-2024-49565HigMar 28, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution…

  • CVE-2024-49564HigMar 28, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of…

  • CVE-2024-49563HigMar 28, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of…

  • CVE-2024-22228HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root…

  • CVE-2024-22227HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability execute commands with root privileges.

  • CVE-2024-22225HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.

  • CVE-2024-22224HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.

  • CVE-2024-22223HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's…

  • CVE-2024-22222HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_udoctor utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the…

  • CVE-2024-0170HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.…

  • CVE-2024-0168HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to inject arbitrary operating system commands. This vulnerability allows an…

  • CVE-2024-0167HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges.

  • CVE-2024-0166HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges.

  • CVE-2024-0165HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.

  • CVE-2024-0164HigFeb 12, 2024
    risk 0.51cvss 7.8epss 0.01

    Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands with elevated privileges.

  • CVE-2019-3741HigJul 18, 2019
    risk 0.51cvss 7.8epss 0.00

    Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s (including the admin privilege user) password is stored in a plain text in Unity Data Collection bundle (logs files for troubleshooting). A local…

  • CVE-2020-29490HigJan 5, 2021
    risk 0.49cvss 7.5epss 0.01

    Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a Denial of Service vulnerability on NAS Servers with NFS exports. A remote authenticated attacker could potentially exploit this vulnerability and cause Denial of Service (Storage Processor Panic) by…

  • CVE-2020-5319HigFeb 6, 2020
    risk 0.49cvss 7.5epss 0.01

    Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit…

  • CVE-2024-49601HigMar 28, 2025
    risk 0.48cvss 7.3epss 0.02

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

  • CVE-2025-24382HigMar 28, 2025
    risk 0.48cvss 7.3epss 0.01

    Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.