Vulnerabilities > Dell > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2022-45101 Improper Privilege Management vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS.
network
low complexity
dell CWE-269
critical
9.8
2023-01-18 CVE-2022-34442 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
9.8
2023-01-11 CVE-2022-34441 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
9.8
2023-01-11 CVE-2022-34440 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
9.8
2022-10-21 CVE-2022-26870 Improper Authentication vulnerability in Dell Powerstoreos 2.1.0.0/2.1.0.1
Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability.
network
low complexity
dell CWE-287
critical
9.8
2022-10-12 CVE-2022-31228 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Xtremio Management Server 6.3.0/6.3.38
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability.
network
low complexity
dell CWE-307
critical
9.8
2022-09-02 CVE-2022-34371 Insufficiently Protected Credentials vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability.
network
low complexity
dell CWE-522
critical
9.8
2022-09-01 CVE-2022-34372 Improper Authentication vulnerability in Dell Powerprotect Cyber Recovery
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability.
network
low complexity
dell CWE-287
critical
9.1
2022-09-01 CVE-2022-34379 Improper Authentication vulnerability in Dell Cloudlink
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability.
network
low complexity
dell CWE-287
critical
9.8
2022-08-30 CVE-2022-31232 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability.
network
low complexity
dell CWE-78
critical
9.8