Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2018-03-27 CVE-2018-1237 Improper Authentication vulnerability in Dell EMC Scaleio
Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent (LIA).
network
low complexity
dell CWE-287
critical
 9.8
9.8
2018-03-27 CVE-2018-1205 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell EMC Scaleio
Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service.
network
low complexity
dell CWE-119
7.5
7.5
2018-03-26 CVE-2018-1213 Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability.
network
low complexity
dell CWE-352
8.8
8.8
2018-03-26 CVE-2018-1204 Path Traversal vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool.
local
low complexity
dell CWE-22
6.7
6.7
2018-03-26 CVE-2018-1203 Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Isilon Onefs
In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges.
local
low complexity
dell CWE-732
6.7
6.7
2018-03-26 CVE-2018-1202 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the NDMP Page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1201 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Job Operations Page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1189 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1188 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and versions 7.2.1.x is affected by a cross-site scripting vulnerability in the Authorization Providers page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8
2018-03-26 CVE-2018-1187 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6 is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
4.8