Arbitrary File Creation Vulnerability in Dell Unity by Dell
CVE-2023-43074

5.2MEDIUM

Key Information:

Vendor: Dell
Status: Unity
Vendor: CVE Published:; 23 October 2023

Summary

Dell Unity 5.3 has a vulnerability that allows remote unauthenticated attackers to create arbitrary files on the server by sending specially crafted requests. This may lead to unauthorized access or manipulation of sensitive data and poses a significant threat to the integrity of the system. It is essential for users to apply the latest security updates provided by Dell to mitigate this risk and protect their infrastructure.

Affected Version(s)

Unity Versions prior to 5.3.0.0.5.120

References

https://www.dell.com/support/kbdoc/en-us/000213152/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 23, 2023
Vulnerability Reserved
Sep 15, 2023