Vulnerabilities > Dell > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-5350 | OS Command Injection vulnerability in Dell EMC Integrated Data Protection Appliance Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. | 9.0 |
| 2020-03-31 | CVE-2020-5344 | Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. | 10.0 |
| 2020-03-18 | CVE-2019-18582 | Code Injection vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. | 9.0 |
| 2020-03-18 | CVE-2019-18581 | Missing Authorization vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. | 9.0 |
| 2020-03-06 | CVE-2020-5328 | Missing Authentication for Critical Function vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. | 10.0 |
| 2020-03-06 | CVE-2020-5327 | Deserialization of Untrusted Data vulnerability in Dell Security Management Server 10.2.0 Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. | 9.3 |
| 2020-01-15 | CVE-2009-1120 | Unspecified vulnerability in Dell EMC Replistor EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. | 10.0 |
| 2019-11-26 | CVE-2019-18580 | Deserialization of Untrusted Data vulnerability in Dell EMC Storage Monitoring and Reporting 4.3.1 Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. | 10.0 |
| 2019-04-26 | CVE-2019-3707 | Unspecified vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. | 10.0 |
| 2019-04-26 | CVE-2019-3706 | Unspecified vulnerability in Dell Idrac9 Firmware 3.20.21.20/3.21.24.22/3.23.23.23 Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. | 10.0 |