Rewterz Threat Advisory – Multiple Dell EMC Unity Appliances Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-22222 CVSS: 7.8

Dell EMC Unity appliances could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the svc_udoctor utility. An attacker could exploit this vulnerability to execute arbitrary commands on the application’s underlying operating system with the privileges of the vulnerable application.

CVE-2024-22227 CVSS: 7.8

Dell EMC Unity appliances could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the svc_dc utility. An attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the system.

CVE-2024-22228 CVSS: 7.8

Dell EMC Unity appliances could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the svc_cifssupport utility. An attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the system.

CVE-2024-22225 CVSS: 7.8

Dell EMC Unity appliances could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the svc_supportassist utility. An attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the system.

CVE-2024-22230 CVSS: 6.4

Dell EMC Unity appliances are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2024-22224 CVSS: 7.8

Dell EMC Unity appliances could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the svc_nas utility. An attacker could exploit this vulnerability to execute arbitrary commands with root privileges on the system.

CVE-2024-22226 CVSS: 3.3

Dell EMC Unity appliances could allow a local authenticated attacker to traverse directories on the system, caused by improper validation of user-supplied input by the svc_supportassist utility. An attacker could send specially-crafted input containing path traversal sequences to write to arbitrary files on the server filesystem with elevated privileges.

CVE-2024-22221 CVSS: 4.5

Dell EMC Unity appliances could allow a remote authenticated attacker to obtain sensitive information, caused by a SQL injection vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-22223 CVSS: 7.8

Dell EMC Unity appliances could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input by the svc_cbr utility. An attacker could exploit this vulnerability to execute arbitrary commands on the application’s underlying operating system with the privileges of the vulnerable application.

Impact

• Gain Access
• Cross-Site Scripting
• Information Disclosure

Indicators Of Compromise

CVE

• CVE-2024-22222
• CVE-2024-22227
• CVE-2024-22228
• CVE-2024-22225
• CVE-2024-22230
• CVE-2024-22224
• CVE-2024-22226
• CVE-2024-22221
• CVE-2024-22223

Affected Vendors

Dell

Affected Products

• Dell EMC Unity 5.2
• Dell EMC Unity 5.3

Remediation

Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.

Dell Security Advisory