Vulnerabilities > Dell > EMC Integrated Data Protection Appliance Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-18	CVE-2019-18582	Code Injection vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. network low complexity dell CWE-94	7.2
2020-03-18	CVE-2019-18581	Missing Authorization vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. network low complexity dell CWE-862	7.2
2019-09-27	CVE-2019-3746	Improper Restriction of Excessive Authentication Attempts vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of authentication attempts to the ACM API. network low complexity dell CWE-307	8.8
2019-09-27	CVE-2019-3736	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. network low complexity dell CWE-327	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.