Vulnerabilities > Dell > EMC Appsync > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-09 CVE-2024-39586 XXE vulnerability in Dell EMC Appsync
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability.
low complexity
dell CWE-611
4.3
2024-02-08 CVE-2024-22464 Information Exposure Through Log Files vulnerability in Dell EMC Appsync
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs.
network
low complexity
dell CWE-532
6.8
2022-01-21 CVE-2022-22552 Improper Restriction of Rendered UI Layers or Frames vulnerability in Dell EMC Appsync 3.9.0.0/4.2.0.0/4.3.0.0
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync.
network
low complexity
dell CWE-1021
6.1