Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-12 | CVE-2018-1214 | Use of Hard-coded Credentials vulnerability in Dell EMC Supportassist Enterprise 1.1 Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. | 7.0 |
| 2018-02-03 | CVE-2018-1185 | OS Command Injection vulnerability in Dell products An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. | 6.7 |
| 2018-02-03 | CVE-2018-1184 | OS Command Injection vulnerability in Dell products An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. | 6.7 |
| 2018-01-04 | CVE-2017-14383 | Cross-site Scripting vulnerability in Dell EMC Vnx1 Firmware and EMC Vnx2 Firmware In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability. | 6.1 |
| 2017-12-07 | CVE-2017-14386 | Cross-site Scripting vulnerability in Dell 2335Dn Firmware and 2355Dn Firmware The web user interface of Dell 2335dn and 2355dn Multifunction Laser Printers, firmware versions prior to V2.70.06.26 A13 and V2.70.45.34 A10 respectively, are affected by a cross-site scripting vulnerability. | 6.1 |
| 2017-12-06 | CVE-2017-14374 | Use of Hard-coded Credentials vulnerability in Dell Storage Manager The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is protected using a hard-coded password. | 9.8 |
| 2017-11-28 | CVE-2017-8001 | Information Exposure Through Log Files vulnerability in Dell EMC Scaleio An issue was discovered in EMC ScaleIO 2.0.1.x. | 8.4 |
| 2017-11-01 | CVE-2017-14375 | Authentication Bypass by Spoofing vulnerability in multiple products EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 9.8 |
| 2017-10-03 | CVE-2017-8021 | Insecure Default Initialization of Resource vulnerability in Dell Elastic Cloud Storage 3.0 EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system. | 9.8 |
| 2017-09-22 | CVE-2017-8012 | Unspecified vulnerability in Dell products In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. | 7.4 |