CVE-2024-22224

Name of the Vulnerable Software and Affected Versions Dell Unity versions prior to 5.4

Description The issue exists due to the lack of neutralization of special elements used in the operating system command in the svc nas utility of the Dell Unity Operating Environment. This could allow an attacker to execute arbitrary operating system commands with root privileges. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell.

Recommendations For versions prior to 5.4, update to version 5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the svc nas utility to minimize the risk of exploitation.