Lucene search

DellCVELIST:CVE-2023-43074

HistoryOct 23, 2023 - 2:50 p.m.

CVE-2023-43074

2023-10-2314:50:11

CWE-73

dell

www.cve.org

dell unity 5.3

arbitrary file creation

cve-2023-43074

remote unauthenticated attacker

server vulnerability

5.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:L

0.001 Low

EPSS

Percentile

34.8%

JSON

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Unity",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to 5.3.0.0.5.120"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000213152/dsa-2023-141-dell-unity-unity-vsa-and-unity-xt-security-update-for-multiple-vulnerabilities

5.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:L

0.001 Low

EPSS

Percentile

34.8%

JSON

Related for CVELIST:CVE-2023-43074