CVE-2023-43067: Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local…

medium6.5CVSS 3.1

AVNACLPRLUINSUCHINAN

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local files in the file system.

Affected

4 ranges

Vendor	Product	Version range	Fixed in
dell	unity	—	—
dell	unity_operating_environment	< 5.3.0.0.5.120	5.3.0.0.5.120
dell	unity_xt_operating_environment	< 5.3.0.0.5.120	5.3.0.0.5.120
dell	unityvsa_operating_environment	< 5.3.0.0.5.120	5.3.0.0.5.120