Filtered by vendor Dell
Subscriptions
Total
1196 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21513 | 1 Dell | 1 Openmanage Server Administrator | 2024-11-21 | 8.6 High |
| Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system. | ||||
| CVE-2021-21512 | 1 Dell | 1 Emc Powerprotect Cyber Recovery | 2024-11-21 | 7.9 High |
| Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account. | ||||
| CVE-2021-21511 | 1 Dell | 2 Emc Avamar Server, Emc Integrated Data Protection Appliance | 2024-11-21 | 8.1 High |
| Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data. | ||||
| CVE-2021-21510 | 1 Dell | 1 Idrac8 Firmware | 2024-11-21 | 6.1 Medium |
| Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections. | ||||
| CVE-2021-21507 | 1 Dell | 22 R1-2210, R1-2210 Firmware, R1-2401 and 19 more | 2024-11-21 | 8.8 High |
| Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | ||||
| CVE-2021-21506 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 8.8 High |
| PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation. | ||||
| CVE-2021-21505 | 1 Dell | 2 Emc Integrated System For Microsoft Azure Stack Hub, Emc Integrated System For Microsoft Azure Stack Hub Firmware | 2024-11-21 | 8 High |
| Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain root privileges. | ||||
| CVE-2021-21503 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.8 High |
| PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation. | ||||
| CVE-2021-21502 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 9.8 Critical |
| Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity. | ||||
| CVE-2020-5389 | 1 Dell | 1 Emc Openmanage Integration For Microsoft System Center | 2024-11-21 | 6.5 Medium |
| Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an information disclosure vulnerability. Authenticated low privileged OMIMSCC users may be able to retrieve sensitive information from the logs. | ||||
| CVE-2020-5388 | 1 Dell | 2 Inspiron 15 7579, Inspiron 15 7579 Firmware | 2024-11-21 | 6.9 Medium |
| Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2020-5387 | 1 Dell | 2 Xps 13 9370, Xps 13 9370 Firmware | 2024-11-21 | 2.3 Low |
| Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed. | ||||
| CVE-2020-5386 | 1 Dell | 1 Emc Elastic Cloud Storage | 2024-11-21 | 7.5 High |
| Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauthenticated attacker can access the list of DT (Directory Table) objects of all internally running services and gain knowledge of sensitive data of the system. | ||||
| CVE-2020-5385 | 1 Dell | 2 Encryption, Endpoint Security Suite Enterprise | 2024-11-21 | 6.7 Medium |
| Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link. | ||||
| CVE-2020-5383 | 1 Dell | 2 Emc Isilon, Emc Powerscale Onefs | 2024-11-21 | 5.3 Medium |
| Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart. | ||||
| CVE-2020-5379 | 1 Dell | 2 Inspiron 7352, Inspiron 7352 Bios | 2024-11-21 | 6.8 Medium |
| Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM). | ||||
| CVE-2020-5378 | 1 Dell | 2 G7 17 7790, G7 17 7790 Bios | 2024-11-21 | 6.8 Medium |
| Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM). | ||||
| CVE-2020-5377 | 1 Dell | 1 Emc Openmanage Server Administrator | 2024-11-21 | 9.1 Critical |
| Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station. | ||||
| CVE-2020-5376 | 1 Dell | 2 Inspiron 7347, Inspiron 7347 Bios | 2024-11-21 | 6.8 Medium |
| Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM). | ||||
| CVE-2020-5374 | 1 Dell | 2 Emc Omimssc For Sccm, Emc Omimssc For Scvmm | 2024-11-21 | 8.8 High |
| Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices. | ||||