CVE-2024-0164

Name of the Vulnerable Software and Affected Versions Dell Unity versions prior to 5.4

Description The issue is related to an OS Command Injection Vulnerability in the svc topstats utility of the Dell Unity Operating Environment. This vulnerability exists due to the lack of measures to neutralize special elements used in the operating system command. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands with elevated privileges.

Recommendations For versions prior to 5.4, update to version 5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the svc topstats utility until a patch is available.