Vulnerabilities > Dell

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2021-12-21 | CVE-2021-43587 | Use of Hard-coded Cryptographic Key vulnerability in Dell Powerpath Management Appliance | Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. | local, low complexity, dell, CWE-321, 6.7 |
| 2021-11-30 | CVE-2021-36326 | Algorithm Downgrade vulnerability in Dell EMC Streaming Data Platform | Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). | network, low complexity, dell, CWE-757, 6.5 |
| 2021-11-30 | CVE-2021-36327 | Server-Side Request Forgery (SSRF) vulnerability in Dell EMC Streaming Data Platform | Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. | network, low complexity, dell, CWE-918, 5.3 |
| 2021-11-30 | CVE-2021-36328 | SQL Injection vulnerability in Dell EMC Streaming Data Platform | Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. | network, low complexity, dell, CWE-89, 8.8 |
| 2021-11-30 | CVE-2021-36329 | Authorization Bypass Through User-Controlled Key vulnerability in Dell EMC Streaming Data Platform | Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. | network, low complexity, dell, CWE-639, 6.5 |
| 2021-11-30 | CVE-2021-36330 | Insufficient Session Expiration vulnerability in Dell EMC Streaming Data Platform | Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. | network, low complexity, dell, CWE-613, critical, 9.8 |
| 2021-11-23 | CVE-2021-21561 | Information Exposure Through Log Files vulnerability in Dell EMC Powerscale Onefs | Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. | local, low complexity, dell, CWE-532, 5.5 |
| 2021-11-23 | CVE-2021-36299 | SQL Injection vulnerability in Dell EMC Idrac9 Firmware | Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. | network, low complexity, dell, CWE-89, 8.1 |
| 2021-11-23 | CVE-2021-36300 | SQL Injection vulnerability in Dell EMC Idrac9 Firmware | iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. | network, low complexity, dell, CWE-89, 8.2 |
| 2021-11-23 | CVE-2021-36301 | Out-of-bounds Write vulnerability in Dell EMC Idrac8 Firmware and EMC Idrac9 Firmware | Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. | network, low complexity, dell, CWE-787, 7.2 |