Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-06 | CVE-2017-14374 | Use of Hard-coded Credentials vulnerability in Dell Storage Manager The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is protected using a hard-coded password. | 9.8 |
| 2017-11-28 | CVE-2017-8001 | Information Exposure Through Log Files vulnerability in Dell EMC Scaleio An issue was discovered in EMC ScaleIO 2.0.1.x. | 8.4 |
| 2017-11-01 | CVE-2017-14375 | Authentication Bypass by Spoofing vulnerability in multiple products EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 9.8 |
| 2017-10-03 | CVE-2017-8021 | Insecure Default Initialization of Resource vulnerability in Dell Elastic Cloud Storage 3.0 EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system. | 9.8 |
| 2017-09-22 | CVE-2017-8012 | Unspecified vulnerability in Dell products In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. | 7.4 |
| 2017-09-22 | CVE-2017-8007 | Path Traversal vulnerability in Dell products In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. | 8.8 |
| 2017-08-04 | CVE-2017-10949 | Path Traversal vulnerability in Dell Storage Manager 2016 R2.1 Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations. | 7.5 |
| 2017-07-17 | CVE-2017-8011 | Use of Hard-coded Credentials vulnerability in Dell products EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. | 9.8 |
| 2017-06-29 | CVE-2017-4997 | Improper Input Validation vulnerability in Dell EMC Vasa Provider Virtual Appliance 8.3.0 EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 9.8 |
| 2017-06-14 | CVE-2017-4981 | Improper Certificate Validation vulnerability in Dell Bsafe Cert-C 2.7 EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability. | 7.5 |