Vulnerabilities > Dell > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2022-34442 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2023-01-11 CVE-2022-34441 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2023-01-11 CVE-2022-34440 Use of Hard-coded Credentials vulnerability in Dell EMC Secure Connect Gateway Policy Manager 5.10.00.00/5.12.00.00
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2022-10-21 CVE-2022-26870 Improper Authentication vulnerability in Dell Powerstoreos 2.1.0.0/2.1.0.1
Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability.
network
low complexity
dell CWE-287
critical
 9.8
9.8
2022-10-12 CVE-2022-31228 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Xtremio Management Server 6.3.0/6.3.38
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability.
network
low complexity
dell CWE-307
critical
 9.8
9.8
2022-09-02 CVE-2022-34371 Insufficiently Protected Credentials vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability.
network
low complexity
dell CWE-522
critical
 9.8
9.8
2022-09-01 CVE-2022-34372 Improper Authentication vulnerability in Dell Powerprotect Cyber Recovery
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability.
network
low complexity
dell CWE-287
critical
 9.1
9.1
2022-09-01 CVE-2022-34379 Improper Authentication vulnerability in Dell Cloudlink
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability.
network
low complexity
dell CWE-287
critical
 9.8
9.8
2022-08-30 CVE-2022-31232 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability.
network
low complexity
dell CWE-78
critical
 9.8
9.8
2022-07-21 CVE-2022-31234 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell products
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI.
network
low complexity
dell CWE-307
critical
 9.8
9.8