Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-18 | CVE-2019-18582 | Code Injection vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. | 7.2 |
| 2020-03-18 | CVE-2019-18581 | Missing Authorization vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. | 7.2 |
| 2020-03-13 | CVE-2019-3770 | Cross-site Scripting vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. | 6.4 |
| 2020-03-13 | CVE-2019-3769 | Cross-site Scripting vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. | 6.4 |
| 2020-03-13 | CVE-2019-18578 | Cross-site Scripting vulnerability in Dell Xtremio Management Server Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-site scripting vulnerability. | 9.0 |
| 2020-03-13 | CVE-2019-18577 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell Xtremio Management Server Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. | 6.7 |
| 2020-03-13 | CVE-2019-18576 | Information Exposure Through Log Files vulnerability in Dell Xtremio Management Server Dell EMC XtremIO XMS versions prior to 6.3.0 contain an information disclosure vulnerability where OS users’ passwords are logged in local files. | 6.7 |
| 2020-03-09 | CVE-2020-5342 | Incorrect Default Permissions vulnerability in Dell Digital Delivery Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. | 7.8 |
| 2020-03-06 | CVE-2020-5328 | Missing Authentication for Critical Function vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. | 9.8 |
| 2020-03-06 | CVE-2020-5327 | Deserialization of Untrusted Data vulnerability in Dell Security Management Server 10.2.0 Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. | 9.8 |