Filtered by vendor Dell
Subscribe
Total
1046 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34458 | 1 Dell | 3 Alienware Update, Command Update, Update | 2024-11-21 | N/A | 6.6 MEDIUM |
| Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the disclosure of confidential data. | |||||
| CVE-2022-34457 | 1 Dell | 1 Command\|configure | 2024-11-21 | N/A | 7.3 HIGH |
| Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical severity vulnerability as it allows non-admin to modify the files inside installed directory and able to make application unavailable for all users. | |||||
| CVE-2022-34456 | 1 Dell | 1 Emc Metro Node | 2024-11-21 | N/A | 8.8 HIGH |
| Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application. | |||||
| CVE-2022-34454 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. | |||||
| CVE-2022-34453 | 1 Dell | 2 Xtremio X2, Xtremio X2 Firmware | 2024-11-21 | N/A | 7.6 HIGH |
| Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default. | |||||
| CVE-2022-34452 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 2.7 LOW |
| PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs. | |||||
| CVE-2022-34451 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 4.8 MEDIUM |
| PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server. | |||||
| CVE-2022-34450 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 6.7 MEDIUM |
| PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root. | |||||
| CVE-2022-34449 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 6.0 MEDIUM |
| PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application. | |||||
| CVE-2022-34448 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 8.8 HIGH |
| PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions. | |||||
| CVE-2022-34447 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 7.2 HIGH |
| PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user. | |||||
| CVE-2022-34446 | 1 Dell | 1 Powerpath Management Appliance | 2024-11-21 | N/A | 8.8 HIGH |
| PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration. | |||||
| CVE-2022-34445 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | N/A | 6.0 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. | |||||
| CVE-2022-34444 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | N/A | 5.9 MEDIUM |
| Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. | |||||
| CVE-2022-34443 | 1 Dell | 1 Rugged Control Center | 2024-11-21 | N/A | 7.8 HIGH |
| Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges. | |||||
| CVE-2022-34442 | 1 Dell | 1 Emc Secure Connect Gateway Policy Manager | 2024-11-21 | N/A | 8.0 HIGH |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges. | |||||
| CVE-2022-34441 | 1 Dell | 1 Emc Secure Connect Gateway Policy Manager | 2024-11-21 | N/A | 8.0 HIGH |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges. | |||||
| CVE-2022-34440 | 1 Dell | 1 Emc Secure Connect Gateway Policy Manager | 2024-11-21 | N/A | 8.4 HIGH |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges. | |||||
| CVE-2022-34439 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node. | |||||
| CVE-2022-34438 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters. | |||||