CVE-2024-22227

Name of the Vulnerable Software and Affected Versions Dell Unity versions prior to 5.4

Description The issue is related to an OS Command Injection Vulnerability in the svc dc utility of the Dell Unity Operating Environment. This vulnerability could allow an authenticated attacker to execute commands with root privileges. The vulnerability exists due to the lack of measures to neutralize special elements used in the operating system command.

Recommendations For versions prior to 5.4, update to version 5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the svc dc utility until a patch is available.