Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Powerpath Management Appliance
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34446 1 Dell 1 Powerpath Management Appliance 2023-02-21 N/A 8.1 HIGH
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration.
CVE-2022-34451 1 Dell 1 Powerpath Management Appliance 2023-02-21 N/A 4.8 MEDIUM
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server.
CVE-2022-34450 1 Dell 1 Powerpath Management Appliance 2023-02-21 N/A 6.7 MEDIUM
PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root.
CVE-2022-34449 1 Dell 1 Powerpath Management Appliance 2023-02-21 N/A 6.0 MEDIUM
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application.
CVE-2022-34447 1 Dell 1 Powerpath Management Appliance 2023-02-21 N/A 7.2 HIGH
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user.
CVE-2022-34448 1 Dell 1 Powerpath Management Appliance 2023-02-21 N/A 8.8 HIGH
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions.
CVE-2022-34452 1 Dell 1 Powerpath Management Appliance 2023-02-17 N/A 2.7 LOW
PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.
CVE-2021-43587 1 Dell 1 Powerpath Management Appliance 2022-01-05 7.2 HIGH 6.7 MEDIUM
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.