Restricted Shell Bypass in Dell Unity Product by Dell
CVE-2023-43066

5.1MEDIUM

Key Information:

Vendor: Dell
Status: Unity
Vendor: CVE Published:; 23 October 2023

Summary

Dell Unity systems prior to version 5.3 are susceptible to a Restricted Shell Bypass vulnerability. An authenticated, local attacker can exploit this flaw by accessing the device's command-line interface (CLI) and executing specific commands, potentially leading to unauthorized actions within the system environment. This highlights the importance of keeping your Dell Unity products updated to mitigate the risk of such vulnerabilities.

Affected Version(s)

Unity Versions prior to 5.3.0.0.5.120

References

https://www.dell.com/support/kbdoc/en-us/000213152/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 23, 2023
Vulnerability Reserved
Sep 15, 2023