Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2021-07-19 CVE-2020-5320 SQL Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability.
network
low complexity
dell CWE-89
7.2
7.2
2021-07-19 CVE-2020-5321 Improper Input Validation vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability.
network
low complexity
dell CWE-20
7.6
7.6
2021-07-19 CVE-2020-5322 OS Command Injection vulnerability in Dell EMC Openmanage Enterprise-Modular
Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection vulnerability.
network
low complexity
dell CWE-78
critical
 9.1
9.1
2021-07-19 CVE-2020-5323 Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability.
network
low complexity
dell CWE-74
8.1
8.1
2021-07-19 CVE-2020-5349 Use of Hard-coded Credentials vulnerability in Dell products
Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a hardcoded credential vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2021-07-16 CVE-2019-3752 XXE vulnerability in Dell products
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4.
network
low complexity
dell CWE-611
8.2
8.2
2021-07-15 CVE-2021-21586 Path Traversal vulnerability in Dell Wyse Management Suite
Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability.
network
low complexity
dell CWE-22
6.5
6.5
2021-07-15 CVE-2021-21587 Information Exposure vulnerability in Dell Wyse Management Suite
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability.
local
low complexity
dell CWE-200
3.3
3.3
2021-07-12 CVE-2021-21588 Insufficient Verification of Data Authenticity vulnerability in Dell Powerflex Presentation Server 3.5
Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI.
network
low complexity
dell CWE-345
4.3
4.3
2021-07-12 CVE-2021-21589 Unspecified vulnerability in Dell products
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization.
local
low complexity
dell
6.7
6.7