Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker could exploit this vulnerability to forge log entries, create false alarms, and inject malicious content into logs that compromise logs integrity. A malicious attacker could also prevent the product from logging information while malicious actions are performed or implicate an arbitrary user for malicious activities.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
日志输出的转义处理不恰当
Vulnerability Title
Dell Unity 安全漏洞
Vulnerability Description
Dell Unity是美国戴尔(Dell)公司的一套虚拟Unity存储环境。 Dell Unity 5.4之前版本存在安全漏洞,该漏洞源于日志消息可能会被经过身份验证的攻击者欺骗,攻击者可以利用此漏洞伪造日志条目、创建虚假警报以及将恶意内容注入到日志中,从而损害日志完整性。
CVSS Information
N/A
Vulnerability Type
N/A