CNNVD-202510-4232 Information

CNNVD ID

CNNVD-202510-4232

Related CVE

CVE-2025-43940

• CNNVD Published: 2025-10-30

Description (Chinese)

Dell Unity是美国戴尔（Dell）公司的一套虚拟Unity存储环境。 Dell Unity 5.5及之前版本存在操作系统命令注入漏洞，该漏洞源于特殊元素中和不当，可能导致命令注入和权限提升。

Description (English)

Dell Unity is a virtual Unity storage environment for Dell in the United States. Dell Unity 5.5 and previous versions have incorporated a loophole in the operating system, which stems from the incompetence of special elements, which may lead to the injection of commands and the enhancement of privileges.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

戴尔

Published

2025-10-30

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000385307/dsa-2025-379-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-us/000385307/dsa-2025-379-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities