CVE-2024-0168: OS Command Injection
First published: Mon Feb 12 2024(Updated: )
Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to inject arbitrary operating system commands. This vulnerability allows an authenticated attacker to execute commands with root privileges.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC Unity Operating Environment | <5.4.0.0.5.094 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-0168?
CVE-2024-0168 is classified as a critical vulnerability due to the potential for command injection by an authenticated attacker.
How do I fix CVE-2024-0168?
To remediate CVE-2024-0168, upgrade the Dell Unity Operating Environment to version 5.4 or later.
What are the risks associated with CVE-2024-0168?
Exploitation of CVE-2024-0168 could allow an authenticated attacker to execute arbitrary operating system commands, compromising system integrity.
Which versions of Dell Unity are affected by CVE-2024-0168?
Dell Unity versions prior to 5.4 are affected by CVE-2024-0168.
Who can exploit CVE-2024-0168?
CVE-2024-0168 can be exploited by authenticated attackers with access to the affected Dell Unity systems.
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/type
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell emc unity operating environment