CVE-2025-24381

High CVSS: 8.8

Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.

Vendor

Dell

Product

Unity Operating Environment

CWE

CWE-601

Yayın Tarihi

2025-03-28 03:15:18

Güncelleme

2025-07-08 16:32:28

Source Identifier

security_alert@emc.com

KEV Date Added

Kategoriler

CWE-601 Unity Operating Environment HIGH Dell 2025

Referanslar

https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Benzer Kayıtlar

High

CVE-2026-22767

Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged att…

High

CVE-2026-22768

Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low…

Medium

CVE-2026-27101

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Impro…

Medium

CVE-2026-28265

PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access cou…

Low

CVE-2026-24508

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerabil…

Medium

CVE-2026-24510

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerabilit…