CVE-2024-22221 MEDIUM

CVE-2024-22221

Vendor Dell

Product Unity

Weakness CWE-89 · SQLi

Published February 12, 2024

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

4.5/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction Required

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading to exposure of sensitive information.

Key dates

02Disclosure timeline

February 12, 2024 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-22221

Related vulnerabilities

04Related CVE

CVE-2019-25335 PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass CVE-2024-6274 lahirudanushka School Management System Attendance Report Page attendancelist.php sql injection CVE-2024-10070 ESAFENET CDG PolicyPushControlAction.java actionPolicyPush sql injection CVE-2026-22044 GLPI is Vulnerable to Authenticated SQL Injection CVE-2025-5631 code-projects/anirbandutta9 Content Management System/News-Buzz publicposts.php sql injection