CVE-2023-43067

Summary

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local files in the file system.

Affected Software

VendorProductVersion RangeStatus
DellUnityVersions prior to 5.3.0.0.5.120affected

Weaknesses

  • CWE-611: CWE-611: Improper Restriction of XML External Entity Reference

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References