Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2021-04-02 CVE-2021-21533 Improper Input Validation vulnerability in Dell Wyse Management Suite
Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details
network
low complexity
dell CWE-20
4.0
2021-04-02 CVE-2021-21532 Improper Input Validation vulnerability in Dell Wyse Thinos 8.6
Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.
low complexity
dell CWE-20
5.8
2021-04-02 CVE-2021-21529 Resource Exhaustion vulnerability in Dell System Update
Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability.
local
low complexity
dell CWE-400
4.9
2021-03-12 CVE-2021-21518 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin.
local
low complexity
dell CWE-427
7.2
2021-03-08 CVE-2021-21510 Injection vulnerability in Dell Idrac8 Firmware
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability.
network
dell CWE-74
5.8
2021-03-08 CVE-2021-21506 Improper Input Validation vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0
PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler.
network
low complexity
dell CWE-20
6.5
2021-03-08 CVE-2021-21503 OS Command Injection vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0
PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command.
local
low complexity
dell CWE-78
4.6
2021-03-02 CVE-2021-21514 Path Traversal vulnerability in Dell Openmanage Server Administrator
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability.
network
low complexity
dell CWE-22
4.0
2021-03-02 CVE-2021-21513 Improper Authentication vulnerability in Dell Openmanage Server Administrator
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability.
network
low complexity
dell CWE-287
7.5
2021-03-01 CVE-2021-21517 XXE vulnerability in Dell EMC SRS Policy Manager 6.6/6.8.3/6.9.0
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation.
network
low complexity
dell CWE-611
6.4