Filtered by vendor Dell
Subscribe
Total
760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21594 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity. | |||||
| CVE-2021-21592 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure. | |||||
| CVE-2021-36279 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-24 | 7.2 HIGH | 7.8 HIGH |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. | |||||
| CVE-2021-21597 | 1 Dell | 4 Wyse 3040 Thin Client, Wyse 5070 Thin Client, Wyse 5470 Thin Client and 1 more | 2021-08-23 | 2.1 LOW | 3.9 LOW |
| Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files. | |||||
| CVE-2021-21598 | 1 Dell | 4 Wyse 3040 Thin Client, Wyse 5070 Thin Client, Wyse 5470 Thin Client and 1 more | 2021-08-23 | 2.1 LOW | 3.9 LOW |
| Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files. | |||||
| CVE-2021-21601 | 1 Dell | 2 Emc Data Protection Search, Emc Integrated Data Protection Appliance | 2021-08-18 | 2.1 LOW | 7.8 HIGH |
| Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account. | |||||
| CVE-2021-21600 | 1 Dell | 1 Emc Networker | 2021-08-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource consumption flaw in its API service. An authorized API user could potentially exploit this vulnerability via the web and desktop user interfaces, leading to denial of service in the manageability path. | |||||
| CVE-2021-21584 | 1 Dell | 2 Openmanage Enterprise, Openmanage Enterprise-modular | 2021-08-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials. | |||||
| CVE-2021-21585 | 1 Dell | 1 Openmanage Enterprise | 2021-08-13 | 9.0 HIGH | 7.2 HIGH |
| Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands. | |||||
| CVE-2021-21562 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-11 | 2.1 LOW | 4.4 MEDIUM |
| Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control. | |||||
| CVE-2021-21553 | 1 Dell | 1 Powerscale Onefs | 2021-08-11 | 7.2 HIGH | 8.8 HIGH |
| Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest. | |||||
| CVE-2021-21563 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. | |||||
| CVE-2021-21577 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. | |||||
| CVE-2021-21578 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. | |||||
| CVE-2021-21579 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. | |||||
| CVE-2021-21580 | 1 Dell | 2 Emc Idrac8 Firmware, Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 4.3 MEDIUM |
| Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate. | |||||
| CVE-2021-21581 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. | |||||
| CVE-2021-21576 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. | |||||
| CVE-2020-5353 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2021-08-06 | 9.0 HIGH | 8.8 HIGH |
| The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system. | |||||
| CVE-2021-21538 | 1 Dell | 1 Idrac9 Firmware | 2021-08-06 | 7.5 HIGH | 10.0 CRITICAL |
| Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console. | |||||