Vulnerabilities > Dell > EMC Data Protection Advisor > 6.3

DATE CVE VULNERABILITY TITLE RISK
2020-03-18 CVE-2019-18582 Code Injection vulnerability in Dell products
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API.
network
low complexity
dell CWE-94
critical
 9.0
9.0
2020-03-18 CVE-2019-18581 Missing Authorization vulnerability in Dell products
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API.
network
low complexity
dell CWE-862
critical
 9.0
9.0
2018-08-10 CVE-2018-11048 XXE vulnerability in Dell products
Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API.
network
low complexity
dell CWE-611
5.5
5.5