Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2021-36296 | OS Command Injection vulnerability in Dell EMC Unity Operating Environment Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. | 7.2 |
| 2022-01-25 | CVE-2021-36347 | Out-of-bounds Write vulnerability in Dell products iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. | 7.2 |
| 2022-01-25 | CVE-2021-36348 | Injection vulnerability in Dell Integrated Dell Remote Access Controller 9 Firmware iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. | 8.1 |
| 2022-01-24 | CVE-2021-43588 | Improper Input Validation vulnerability in Dell EMC Data Protection Central Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. | 7.5 |
| 2022-01-21 | CVE-2021-36338 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Dell products Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. | 8.0 |
| 2022-01-21 | CVE-2021-36339 | Unspecified vulnerability in Dell products The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. | 7.8 |
| 2022-01-21 | CVE-2022-22551 | Session Fixation vulnerability in Dell EMC Appsync 3.9.0.0/4.2.0.0/4.3.0.0 DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. | 8.8 |
| 2021-12-21 | CVE-2021-36316 | Improper Privilege Management vulnerability in Dell EMC Avamar Server Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. | 7.2 |
| 2021-12-21 | CVE-2021-36337 | Unspecified vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data. | 7.4 |
| 2021-12-21 | CVE-2021-36350 | Improper Authentication vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. | 7.5 |