Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2022-34436 Improper Input Validation vulnerability in Dell Idrac8 Firmware
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set.
network
low complexity
dell CWE-20
4.9
4.9
2023-01-18 CVE-2022-34457 Incorrect Permission Assignment for Critical Resource vulnerability in Dell Command|Configure
Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation.
local
low complexity
dell CWE-732
7.8
7.8
2023-01-18 CVE-2022-34442 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2023-01-18 CVE-2022-34462 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability.
local
low complexity
dell CWE-798
7.8
7.8
2023-01-18 CVE-2022-32490 Improper Input Validation vulnerability in Dell products
Dell BIOS contains an improper input validation vulnerability.
local
high complexity
dell CWE-20
7.8
7.8
2023-01-18 CVE-2022-34393 Improper Input Validation vulnerability in Dell products
Dell BIOS contains an improper input validation vulnerability.
local
high complexity
dell CWE-20
7.5
7.5
2023-01-18 CVE-2022-34401 Out-of-bounds Write vulnerability in Dell products
Dell BIOS contains a stack based buffer overflow vulnerability.
local
high complexity
dell CWE-787
7.5
7.5
2023-01-18 CVE-2022-34456 Code Injection vulnerability in Dell EMC Metro Node
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability.
network
low complexity
dell CWE-94
8.8
8.8
2023-01-18 CVE-2022-34460 Improper Input Validation vulnerability in Dell products
Prior Dell BIOS versions contain an improper input validation vulnerability.
local
high complexity
dell CWE-20
7.8
7.8
2023-01-11 CVE-2022-34441 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8