CVE-2024-22230

MEDIUM

Dell Unity Operating Environment < 5.4.0.0.5.094 - Authenticated Cross-Site Scripting

Title source: llm
STIX 2.1

Description

Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. An authenticated attacker could potentially exploit this vulnerability, stealing session information, masquerading as the affected user or carry out any actions that this user could perform, or to generally control the victim's browser.

References (1)

Core 1

Scores

CVSS v3 6.4
EPSS 0.0044
EPSS Percentile 63.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
dell/unity_operating_environment < 5.4.0.0.5.094
Published Feb 12, 2024
Tracked Since Feb 18, 2026