Vulnerabilities > Dell

DATE | CVE | VULNERABILITY TITLE | RISK

2018-03-26 | CVE-2018-1186 | Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 are affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface.
Risk: network | low complexity | dell CWE-79 | 4.8

2018-03-23 | CVE-2018-1211 | Path Traversal vulnerability in Dell EMC iDRAC7 and EMC iDRAC8
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in their Web server's URI parser which could be used to obtain specific sensitive data without authentication.
Risk: network | low complexity | dell CWE-22 | 7.5

2018-03-23 | CVE-2018-1207 | Code Injection vulnerability in Dell EMC iDRAC7 and EMC iDRAC8
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a CGI injection vulnerability which could be used to execute remote code.
Risk: network | low complexity | dell CWE-94 | critical | 9.8

2018-03-19 | CVE-2018-1218 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell EMC NetWorker
In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1.1.6, 9.0.x, and versions prior to 8.2.4.11, the 'nsrd' daemon causes a buffer overflow condition when handling certain messages.
Risk: network | low complexity | dell CWE-119 | 7.5

2018-03-16 | CVE-2017-14384 | Path Traversal vulnerability in Dell Storage Manager
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability.
Risk: network | low complexity | dell CWE-22 | 6.5

2018-03-08 | CVE-2018-1216 | Use of Hard-coded Credentials vulnerability in Dell products
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier).
Risk: network | low complexity | dell CWE-798 | critical | 9.8

2018-03-08 | CVE-2018-1215 | Unrestricted Upload of File with Dangerous Type vulnerability in Dell products
An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier).
Risk: network | low complexity | dell CWE-434 | 8.8

2018-02-12 | CVE-2018-1214 | Use of Hard-coded Credentials vulnerability in Dell EMC SupportAssist Enterprise 1.1
Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process.
Risk: local | high complexity | dell CWE-798 | 7.0

2018-02-03 | CVE-2018-1185 | OS Command Injection vulnerability in Dell products
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3.
Risk: local | low complexity | dell CWE-78 | 6.7

2018-02-03 | CVE-2018-1184 | OS Command Injection vulnerability in Dell products
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3.
Risk: local | low complexity | dell CWE-78 | 6.7