Vulnerabilities > Dell > EMC Data Protection Advisor > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-28 | CVE-2020-5351 | Unspecified vulnerability in Dell EMC Data Protection Advisor 18.1/6.4/6.5 Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. | 7.5 |
| 2020-07-06 | CVE-2020-5352 | OS Command Injection vulnerability in Dell EMC Data Protection Advisor 18.1/6.4/6.5 Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. | 8.8 |
| 2020-03-18 | CVE-2019-18582 | Code Injection vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. | 7.2 |
| 2020-03-18 | CVE-2019-18581 | Missing Authorization vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. | 7.2 |
| 2018-08-10 | CVE-2018-11048 | XXE vulnerability in Dell products Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. | 8.1 |
| 2017-02-03 | CVE-2016-8211 | Path Traversal vulnerability in Dell EMC Data Protection Advisor EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 7.5 |