Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Emc Unisphere For Powermax
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-5367 1 Dell 3 Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance, Powermax Os 2023-03-16 6.8 MEDIUM 8.1 HIGH
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim's data in transit.
CVE-2022-45103 1 Dell 8 Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance and 5 more 2023-01-30 N/A 6.5 MEDIUM
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.
CVE-2020-5345 1 Dell 3 Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance, Powermax Os 2020-07-02 5.5 MEDIUM 5.4 MEDIUM
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.
CVE-2019-18588 1 Dell 2 Emc Powermax, Emc Unisphere For Powermax 2020-01-22 3.5 LOW 5.4 MEDIUM
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users' sessions.