Vulnerabilities > Dell > EMC Integrated Data Protection Appliance

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2021-21601 Information Exposure Through Log Files vulnerability in Dell products
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS.
local
low complexity
dell CWE-532
2.1
2.1
2021-07-16 CVE-2019-3752 XXE vulnerability in Dell products
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4.
network
low complexity
dell CWE-611
6.4
6.4
2021-02-15 CVE-2021-21511 Unspecified vulnerability in Dell products
Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI.
network
low complexity
dell
5.5
5.5
2021-01-14 CVE-2020-29495 OS Command Injection vulnerability in Dell products
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer.
network
low complexity
dell CWE-78
critical
 10.0
10
2021-01-14 CVE-2020-29494 Path Traversal vulnerability in Dell products
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM.
network
low complexity
dell CWE-22
5.5
5.5
2021-01-14 CVE-2020-29493 SQL Injection vulnerability in Dell products
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer.
network
low complexity
dell CWE-89
7.5
7.5
2020-04-15 CVE-2020-5350 OS Command Injection vulnerability in Dell EMC Integrated Data Protection Appliance
Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component.
network
low complexity
dell CWE-78
critical
 9.0
9.0
2020-03-18 CVE-2019-3762 Improper Certificate Validation vulnerability in Dell products
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability.
network
low complexity
dell CWE-295
5.0
5.0
2019-10-09 CVE-2019-3765 Incorrect Permission Assignment for Critical Resource vulnerability in Dell products
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability.
network
low complexity
dell CWE-732
5.5
5.5
2018-11-26 CVE-2018-11077 OS Command Injection vulnerability in multiple products
'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability.
local
low complexity
dell vmware CWE-78
7.2
7.2