heise PlusAbo
Anzeige

Storage appliances: Dell closes countless security gaps in Unity series

Among other things, the Dell developers have closed a 19-year-old vulnerability in various Unity models.

listen Print view
Shot,Of,Data,Center,With,Multiple,Rows,Of,Fully,Operational

(Image: Gorodenkoff/Shutterstock.com)

1 min. read
Security
By

The Dell Unity, UnityVSA and Unity XT storage appliances are vulnerable. Attackers can exploit a number of vulnerabilities to compromise systems. Security patches are available.

19 year old vulnerability

In a security announcement, the developers state that they have closed the vulnerabilities in Dell Unity Operating Environment (OE) 5.5.0.0.5.259. All previous versions are vulnerable. First and foremost, gaps in components such as Apache HTTP Server, libcap and Vim have been closed.

These also include older vulnerabilities (CVE-2006-20001 "high"). This is where attackers can launch DoS attacks. A Python vulnerability from 2007 (CVE-2007-4559 "medium") allows attackers to overwrite files. It remains unclear why the developers are only now closing these vulnerabilities.

However, the developers have also closed current gaps in OE. These include two "critical" root vulnerabilities (CVE-2025-22398, CVE-2025-24383) which attackers can use to execute malicious code.

Videos by heise

Admins should ensure that the latest version of Dell's OE, which is protected against the attacks described, is installed.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten