Dell Unity Operating Environment — known CVE vulnerabilities
Every CVE whose affected-product data names Dell Unity Operating Environment, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (53)
CVE-2025-22398 — CVSS 9.8 (critical): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24383 — CVSS 9.1 (critical): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24381 — CVSS 8.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated…
CVE-2023-43082 — CVSS 8.6 (high): Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate signed by…
CVE-2022-29084 — CVSS 8.1 (high): Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere…
CVE-2026-22277 — CVSS 7.8 (high): Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2024-49564 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2024-49565 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-23383 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24377 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24378 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24379 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24380 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24385 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24386 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-36606 — CVSS 7.8 (high): Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated…
CVE-2025-36607 — CVSS 7.8 (high): Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker…
CVE-2025-43939 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-43940 — CVSS 7.8 (high): Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-43942 — CVSS 7.8 (high): Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-46422 — CVSS 7.8 (high): Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-46423 — CVSS 7.8 (high): Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2026-21418 — CVSS 7.8 (high): Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2024-0164 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated attacker…
CVE-2024-0165 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker…
CVE-2024-0166 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker…
CVE-2024-0167 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker…
CVE-2024-0168 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could…
CVE-2024-0170 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could…
CVE-2024-22222 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_udoctor utility. An authenticated…
CVE-2024-22223 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious…
CVE-2024-22224 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could…
CVE-2024-22225 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated…
CVE-2024-22227 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker could…
CVE-2024-22228 — CVSS 7.8 (high): Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated attacker…
CVE-2024-49563 — CVSS 7.8 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-24382 — CVSS 7.3 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-36604 — CVSS 7.3 (high): Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2024-49601 — CVSS 7.3 (high): Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2025-43941 — CVSS 7.2 (high): Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command…
CVE-2022-29085 — CVSS 6.4 (medium): Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when…
CVE-2024-22230 — CVSS 6.4 (medium): Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. An authenticated attacker could potentially exploit this…
CVE-2021-21547 — CVSS 6.4 (medium): Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell…
CVE-2025-36605 — CVSS 6.1 (medium): Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')…
CVE-2024-0169 — CVSS 5.7 (medium): Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')…
CVE-2023-43065 — CVSS 5.5 (medium): Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to…
CVE-2022-29091 — CVSS 5.3 (medium): Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in…
CVE-2023-43074 — CVSS 5.2 (medium): Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this…
CVE-2023-43066 — CVSS 5.1 (medium): Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this…
CVE-2023-43067 — CVSS 4.9 (medium): Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability…
CVE-2024-22221 — CVSS 4.5 (medium): Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this…
CVE-2024-22226 — CVSS 3.3 (low): Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility. An authenticated attacker could…
CVE-2024-22229 — CVSS 3.1 (low): Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker…