Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-27 | CVE-2019-3736 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. | 7.2 |
| 2019-09-24 | CVE-2019-3726 | Uncontrolled Search Path Element vulnerability in Dell Update Package Framework 19.1.0.413/3.8.3.67/4.9.4.36 An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. | 6.7 |
| 2019-09-18 | CVE-2019-3740 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3739 | Cryptographic Issues vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3738 | Missing Required Cryptographic Step vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. | 6.5 |
| 2019-09-11 | CVE-2019-3763 | Information Exposure Through Log Files vulnerability in Dell products The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. | 7.8 |
| 2019-09-11 | CVE-2019-3761 | Cross-site Scripting vulnerability in Dell products The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a stored cross-site scripting vulnerability in the Access Request module. | 5.4 |
| 2019-09-11 | CVE-2019-3760 | SQL Injection vulnerability in Dell products The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect. | 8.8 |
| 2019-09-11 | CVE-2019-3759 | Code Injection vulnerability in Dell products The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. | 8.1 |
| 2019-09-03 | CVE-2019-3754 | Cross-site Scripting vulnerability in Dell products Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. | 6.1 |