Vulnerabilities > Dell > EMC Unity Operating Environment

DATE CVE VULNERABILITY TITLE RISK
2023-02-14 CVE-2022-22564 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell products
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm.
network
high complexity
dell CWE-327
5.9
5.9
2022-04-08 CVE-2021-36287 OS Command Injection vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system.
network
low complexity
dell CWE-78
critical
 9.8
9.8
2022-04-08 CVE-2021-36288 Path Traversal vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files
network
low complexity
dell CWE-22
critical
 9.1
9.1
2022-04-08 CVE-2021-36290 Improper Privilege Management vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.
local
low complexity
dell CWE-269
6.7
6.7
2022-04-08 CVE-2021-36293 Improper Privilege Management vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.
local
low complexity
dell CWE-269
6.7
6.7
2022-01-25 CVE-2021-36289 Information Exposure Through Log Files vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability.
local
low complexity
dell CWE-532
7.8
7.8
2022-01-25 CVE-2021-36294 Use of Insufficiently Random Values vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability.
network
low complexity
dell CWE-330
critical
 9.8
9.8
2022-01-25 CVE-2021-36295 OS Command Injection vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2022-01-25 CVE-2021-36296 OS Command Injection vulnerability in Dell EMC Unity Operating Environment
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2022-01-24 CVE-2021-43589 OS Command Injection vulnerability in Dell products
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability.
local
low complexity
dell CWE-78
6.7
6.7