Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2023-10-23 CVE-2023-43066 OS Command Injection vulnerability in Dell products
Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability.
local
low complexity
dell CWE-78
7.8
7.8
2023-10-23 CVE-2023-43067 XXE vulnerability in Dell products
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability.
network
low complexity
dell CWE-611
6.5
6.5
2023-10-23 CVE-2023-43065 Cross-site Scripting vulnerability in Dell products
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability.
network
low complexity
dell CWE-79
5.4
5.4
2023-10-23 CVE-2023-43074 Unspecified vulnerability in Dell products
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability.
network
low complexity
dell
7.5
7.5
2023-10-13 CVE-2023-43079 Improper Access Control vulnerability in Dell EMC Openmanage Server Administrator
Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability.
local
low complexity
dell CWE-284
7.8
7.8
2023-10-05 CVE-2023-32485 Improper Input Validation vulnerability in Dell Smartfabric Storage Software 1.0.0
Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability.
network
low complexity
dell CWE-20
critical
 9.8
9.8
2023-10-05 CVE-2023-43068 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH.
network
low complexity
dell CWE-78
8.8
8.8
2023-10-05 CVE-2023-43069 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0
Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI.
local
low complexity
dell CWE-78
7.8
7.8
2023-10-05 CVE-2023-43070 Path Traversal vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0
Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface.
network
low complexity
dell CWE-22
6.5
6.5
2023-10-05 CVE-2023-43071 Improper Neutralization of Formula Elements in a CSV File vulnerability in Dell Smartfabric Storage Software 1.0.0/1.4.0
Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI.
network
low complexity
dell CWE-1236
5.4
5.4