Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Emc Data Protection Central
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45102 1 Dell 5 Dp4400, Dp4400 Firmware, Dp5900 and 2 more 2023-02-08 N/A 6.1 MEDIUM
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections.
CVE-2022-34367 1 Dell 1 Emc Data Protection Central 2022-07-27 N/A 8.8 HIGH
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations.
CVE-2021-43588 1 Dell 1 Emc Data Protection Central 2022-01-28 5.0 MEDIUM 7.5 HIGH
Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
CVE-2021-36349 1 Dell 1 Emc Data Protection Central 2022-01-28 4.0 MEDIUM 4.3 MEDIUM
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts.
CVE-2019-3762 1 Dell 2 Emc Data Protection Central, Emc Integrated Data Protection Appliance 2020-03-27 5.0 MEDIUM 7.5 HIGH
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data.