Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-3731 | Information Exposure Through Discrepancy vulnerability in Dell products RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. | 7.5 |
| 2019-09-30 | CVE-2019-3730 | Information Exposure Through an Error Message vulnerability in Dell Bsafe Micro-Edition-Suite RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. | 7.5 |
| 2019-09-30 | CVE-2019-3729 | Out-of-bounds Write vulnerability in Dell Bsafe Micro-Edition-Suite RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. | 2.4 |
| 2019-09-30 | CVE-2019-3728 | Out-of-bounds Read vulnerability in Dell products RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. | 7.5 |
| 2019-09-27 | CVE-2019-3766 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell EMC Elastic Cloud Storage Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. | 9.8 |
| 2019-09-27 | CVE-2019-3747 | Cross-site Scripting vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. | 4.8 |
| 2019-09-27 | CVE-2019-3746 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of authentication attempts to the ACM API. | 8.8 |
| 2019-09-27 | CVE-2019-3736 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. | 7.2 |
| 2019-09-24 | CVE-2019-3726 | Uncontrolled Search Path Element vulnerability in Dell Update Package Framework 19.1.0.413/3.8.3.67/4.9.4.36 An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. | 6.7 |
| 2019-09-18 | CVE-2019-3740 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. | 6.5 |