CVE-2025-24381

Name of the Vulnerable Software and Affected Versions Dell Unity versions 5.4 and prior

Description The issue is an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this, leading to a targeted application user being redirected to arbitrary web URLs. This could be leveraged by attackers to conduct phishing attacks, causing users to divulge sensitive information. Exploitation may allow for session theft.

Recommendations For Dell Unity versions 5.4 and prior, update to a version later than 5.4 to resolve the issue. As a temporary workaround, consider restricting access to untrusted URLs to minimize the risk of exploitation. Avoid using the vulnerable URL redirection feature in Dell Unity until the issue is resolved.