Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-24381

Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.

Published

2025-03-28T03:15:18.120

Last Modified

2025-07-08T16:32:28.740

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Primary
CWE-601

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	unity_operating_environment	< 5.5.0.0.5.259	Yes

References

https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities Vendor Advisory ([email protected])