Home/Product/dell unity operating environment
Product

dell unity operating environment

53 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-22277
< 5.5.3.0
Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Comm
7.8HIGH
 CVE-2026-21418
< 5.5.3.0
Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Comma
7.8HIGH
 CVE-2025-46423
< 5.5.2.0
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-46422
< 5.5.2.0
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-43942
< 5.5.2.0
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-43941
< 5.5.2.0
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.2HIGH
 CVE-2025-43940
< 5.5.2.0
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-43939
< 5.5.2.0
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-36607
< 5.5.1.0
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated at
7.8HIGH
 CVE-2025-36606
< 5.5.1.0
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authentic
7.8HIGH
 CVE-2025-36605
< 5.5.1.0
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scrip
6.1MEDIUM
 CVE-2025-36604
< 5.5.1.0
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.3HIGH
 CVE-2025-24386
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-24385
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-24381
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthen
8.8HIGH
 CVE-2025-24380
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-24379
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-24378
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-24377
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2025-23383
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2024-49601
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.3HIGH
 CVE-2025-24383
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
9.1CRITICAL
 CVE-2025-24382
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.3HIGH
 CVE-2025-22398
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
9.8CRITICAL
 CVE-2024-49565
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2024-49564
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2024-49563
< 5.5.0.0.5.259
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command
7.8HIGH
 CVE-2024-22230
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. An authenticated attacker could potentially expl
6.4MEDIUM
 CVE-2024-22228
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated
7.8HIGH
 CVE-2024-22227
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker
7.8HIGH
 CVE-2024-22226
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility. An authenticated attac
3.3LOW
 CVE-2024-22225
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticat
7.8HIGH
 CVE-2024-22224
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacke
7.8HIGH
 CVE-2024-22223
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated mal
7.8HIGH
 CVE-2024-22222
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_udoctor utility. An authenticated
7.8HIGH
 CVE-2024-22221
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this
4.5MEDIUM
 CVE-2024-0170
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attack
7.8HIGH
 CVE-2024-0169
< 5.4.0.0.5.094
Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scrip
5.7MEDIUM
 CVE-2024-0168
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker co
7.8HIGH
 CVE-2024-0167
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated at
7.8HIGH
 CVE-2024-0166
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated att
7.8HIGH
 CVE-2024-0165
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated
7.8HIGH
 CVE-2024-0164
< 5.4.0.0.5.094
Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated att
7.8HIGH
 CVE-2024-22229
all versions
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An at
3.1LOW
 CVE-2023-43082
< 5.3.0.0.5.120
Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate s
8.6HIGH
 CVE-2023-43067
< 5.3.0.0.5.120
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vuln
4.9MEDIUM
 CVE-2023-43066
< 5.3.0.0.5.120
Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exp
5.1MEDIUM
 CVE-2023-43074
< 5.3.0.0.5.120
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit th
5.2MEDIUM
 CVE-2023-43065
< 5.3.0.0.5.120
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these i
5.5MEDIUM
 CVE-2022-29085
< 5.2.0.0.5.173
Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability w
6.4MEDIUM
 CVE-2022-29084
< 5.2.0.0.5.173
Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Un
8.1HIGH
 CVE-2022-29091
< 5.2.0.0.5.173
Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability
5.3MEDIUM
 CVE-2021-21547
< 5.0.7.0.5.008
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when th
6.4MEDIUM
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh