CVE-2025-24381
First published: Fri Mar 28 2025(Updated: )
Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC Unity | <5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-24381?
CVE-2025-24381 is categorized as a moderate severity vulnerability due to its exploitation potential.
How do I fix CVE-2025-24381?
To mitigate CVE-2025-24381, ensure that you update Dell Unity to version 5.5 or later.
Who is affected by CVE-2025-24381?
CVE-2025-24381 affects users running Dell Unity versions 5.4 and earlier.
What can an attacker do with CVE-2025-24381?
An unauthenticated attacker can exploit CVE-2025-24381 to redirect users to malicious web URLs.
Is user interaction required to exploit CVE-2025-24381?
No, exploitation of CVE-2025-24381 does not require any user interaction.
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/type
- agent/source
- agent/event
- agent/last-modified-date
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/dell
- canonical/dell emc unity