Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-04 | CVE-2017-10949 | Path Traversal vulnerability in Dell Storage Manager 2016 R2.1 Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations. | 7.5 |
| 2017-07-17 | CVE-2017-8011 | Use of Hard-coded Credentials vulnerability in Dell products EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. | 9.8 |
| 2017-06-29 | CVE-2017-4997 | Improper Input Validation vulnerability in Dell EMC Vasa Provider Virtual Appliance 8.3.0 EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 9.8 |
| 2017-06-14 | CVE-2017-4981 | Improper Certificate Validation vulnerability in Dell Bsafe Cert-C 2.7 EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability. | 7.5 |
| 2017-05-04 | CVE-2017-4983 | Unspecified vulnerability in Dell EMC Data Domain OS EMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and 6.0 before 6.0.1.0 is affected by a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system. | 6.7 |
| 2017-04-10 | CVE-2015-7275 | Cross-site Scripting vulnerability in Dell Integrated Remote Access Controller Firmware Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS. | 6.1 |
| 2017-04-10 | CVE-2015-7274 | Permissions, Privileges, and Access Controls vulnerability in Dell Integrated Remote Access Controller Firmware 1.99 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | 8.8 |
| 2017-04-10 | CVE-2015-7273 | XXE vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE. | 9.8 |
| 2017-04-10 | CVE-2015-7272 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input. | 9.8 |
| 2017-04-10 | CVE-2015-7271 | Use of Externally-Controlled Format String vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo. | 9.8 |