Vulnerabilities > Dell > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2022-45100 Improper Certificate Validation vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability.
network
low complexity
dell CWE-295
critical
 9.8
9.8
2023-02-01 CVE-2022-45101 Improper Privilege Management vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS.
network
low complexity
dell CWE-269
critical
 9.8
9.8
2023-01-18 CVE-2022-34442 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2023-01-11 CVE-2022-34441 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2023-01-11 CVE-2022-34440 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2022-10-21 CVE-2022-26870 Improper Authentication vulnerability in Dell Powerstoreos 2.1.0.0/2.1.0.1
Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability.
network
low complexity
dell CWE-287
critical
 9.8
9.8
2022-10-12 CVE-2022-31228 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Xtremio Management Server 6.3.0/6.3.38
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability.
network
low complexity
dell CWE-307
critical
 9.8
9.8
2022-09-02 CVE-2022-34371 Insufficiently Protected Credentials vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability.
network
low complexity
dell CWE-522
critical
 9.8
9.8
2022-07-11 CVE-2020-35169 Improper Input Validation vulnerability in multiple products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.
network
low complexity
dell oracle CWE-20
critical
 9.8
9.8
2022-07-11 CVE-2020-35168 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
network
low complexity
dell oracle
critical
 9.8
9.8