CNNVD-202510-4227 Information

CNNVD ID

CNNVD-202510-4227

Related CVE

CVE-2025-43942

• CNNVD Published: 2025-10-30

Description (Chinese)

Dell Unity是美国戴尔（Dell）公司的一套虚拟Unity存储环境。 Dell Unity 5.5及之前版本存在操作系统命令注入漏洞，该漏洞源于特殊元素中和不当，可能导致OS命令注入攻击。

Description (English)

Dell Unity is a virtual Unity storage environment for Dell in the United States. Dell Unity 5.5 and earlier versions had an operational system command-infusion loophole, which had its origin in special elements and could lead to an OS-injection attack.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

戴尔

Published

2025-10-30

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000385307/dsa-2025-379-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-us/000385307/dsa-2025-379-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities