Cross-Site Scripting Vulnerability in Dell Unity Products
CVE-2023-43065

5.5MEDIUM

Key Information:

Vendor: Dell
Status: Unity
Vendor: CVE Published:; 23 October 2023

Summary

Dell Unity versions before 5.3 are susceptible to a Cross-Site Scripting vulnerability. This flaw allows low-privileged authenticated attackers to exploit the system, potentially leading to escalated privileges and unauthorized access. It is crucial for users of affected Dell Unity products to apply available security updates to mitigate risk.

Affected Version(s)

Unity Versions prior to 5.3.0.0.5.120

References

https://www.dell.com/support/kbdoc/en-us/000213152/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Oct 23, 2023
Vulnerability Reserved
Sep 15, 2023