Dell (Dell Unity) Products February 2024 1st Security Update Advisory

Feb 13 2024

Overview

Dell(https://www.dell.com) has released a security update that fixes vulnerabilities in products. Users of affected products are advised to update to the latest version.

Affected Products

Dell Unity version 5.4 and earlier

Resolved Vulnerabilities

Arbitrary OS command execution vulnerability in Dell Unity due to OS command injection (CVE-2024-22223, CVSS 7.8) [1]

Arbitrary OS command execution vulnerability in Dell Unity due to OS command injection (CVE-2024-22222, CVSS 7.8) [1]

Arbitrary OS Command Execution Vulnerability in Dell Unity via OS Command Injection (CVE-2024-0166, CVSS 7.8) [1]

Occurring vulnerability in Dell Unity caused by command injection (CVE-2024-0168, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-0167, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-0164, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-0165, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-22225, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-22227, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-0170, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-22224, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by OS Command Injection (CVE-2024-22228, CVSS 7.8) [1]

Occurring Vulnerability in Dell Unity caused by Cross Site Scripting (CVE-2024-22230, CVSS 6.4) [1]

Occurring Vulnerability in Dell Unity caused by Cross Site Scripting (XSS) (CVE-2024-0169, CVSS 5.7) [1]

Occurring vulnerability in Dell Unity caused by SQL injection (CVE-2024-22221, CVSS 4.5) [1] [1

Insufficient path access management in Dell Unity (CVE-2024-22226, CVSS 3.3) [1] [1

Vulnerability Patches

Product-specific vulnerability patches were made available in the 02/12/2024 update. For more information on vulnerability patches, please refer to the “Affected Products and Remediation” section of the product-specific reference site documentation.

Dell Unity 5.4.0.0.5.094 or later versions

Referenced Sites

[1] DSA-2024-042: Dell Unity, Dell Unity VSA and Dell Unity XT Security Update for Multiple Vulnerabilities

Https://www.dell.com/support/kbdoc/en-us/000222010/dsa-2024-042-dell-unity-dell-unity-vsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Dell (Dell Unity) Products February 2024 1st Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Linux Kernel Vulnerability Security Update Advisory (CVE-2023-6200)

Atlassian Confluence Security Update Advisory (CVE-2024-21672)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Linux Kernel Vulnerability Security Update Advisory (CVE-2023-6200)

Atlassian Confluence Security Update Advisory (CVE-2024-21672)