Vulnerabilities > Dell > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-04-26 CVE-2019-3705 Out-of-bounds Write vulnerability in Dell products
Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability.
network
low complexity
dell CWE-787
critical
10.0
2019-04-17 CVE-2019-3709 Cross-site Scripting vulnerability in Dell EMC IsilonSD Management Server 1.1.0
IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while registering vCenter servers.
network
dell CWE-79
critical
9.3
2019-04-17 CVE-2019-3708 Cross-site Scripting vulnerability in Dell EMC IsilonSD Management Server 1.1.0
IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while uploading an OVA file.
network
dell CWE-79
critical
9.3
2019-04-01 CVE-2017-8023 Improper Authentication vulnerability in Dell EMC NetWorker
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) when the oldauth authentication method is used.
network
low complexity
dell CWE-287
critical
10.0
2018-11-30 CVE-2018-15767 Incorrect Authorization vulnerability in Dell OpenManage Network Manager
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
network
low complexity
dell CWE-863
critical
9.0
2018-11-26 CVE-2018-11066 Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability.
network
low complexity
dell vmware
critical
10.0
2018-11-02 CVE-2018-11062 Use of Hard-coded Credentials vulnerability in Dell EMC Integrated Data Protection Appliance 2.0/2.1/2.2
Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords.
network
low complexity
dell CWE-798
critical
9.0
2018-07-02 CVE-2018-1212 Command Injection vulnerability in Dell iDRAC6 Modular and iDRAC6 Monolithic
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability.
network
low complexity
dell CWE-77
critical
9.0
2018-05-08 CVE-2018-1239 OS Command Injection vulnerability in Dell products
Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities.
network
low complexity
dell CWE-78
critical
9.0
2018-03-08 CVE-2018-1216 Use of Hard-coded Credentials vulnerability in Dell products
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier).
network
low complexity
dell CWE-798
critical
10.0