Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2020-5316 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability.
local
low complexity
dell CWE-427
7.8
7.8
2021-07-22 CVE-2020-5370 Path Traversal vulnerability in Dell EMC Openmanage Enterprise
Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability.
network
low complexity
dell CWE-22
6.8
6.8
2021-07-19 CVE-2020-29499 OS Command Injection vulnerability in Dell EMC Powerstore
Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment .
local
low complexity
dell CWE-78
6.7
6.7
2021-07-19 CVE-2020-29503 Incorrect Default Permissions vulnerability in Dell EMC Powerstore
Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability.
local
low complexity
dell CWE-276
4.4
4.4
2021-07-19 CVE-2020-5315 Insufficiently Protected Credentials vulnerability in Dell EMC Repository Manager
Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability.
local
low complexity
dell CWE-522
8.8
8.8
2021-07-19 CVE-2020-5320 SQL Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability.
network
low complexity
dell CWE-89
7.2
7.2
2021-07-19 CVE-2020-5321 Improper Input Validation vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability.
network
low complexity
dell CWE-20
7.6
7.6
2021-07-19 CVE-2020-5322 OS Command Injection vulnerability in Dell EMC Openmanage Enterprise-Modular
Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection vulnerability.
network
low complexity
dell CWE-78
critical
 9.1
9.1
2021-07-19 CVE-2020-5323 Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability.
network
low complexity
dell CWE-74
8.1
8.1
2021-07-19 CVE-2020-5349 Use of Hard-coded Credentials vulnerability in Dell products
Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a hardcoded credential vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8