Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-21553 Unspecified vulnerability in Dell Powerscale Onefs
Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode.
local
low complexity
dell
8.8
2021-07-29 CVE-2020-5353 Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory.
network
low complexity
dell CWE-276
8.8
2021-07-28 CVE-2020-26180 Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account.
network
low complexity
dell CWE-276
8.8
2021-07-28 CVE-2020-5351 Unspecified vulnerability in Dell EMC Data Protection Advisor 18.1/6.4/6.5
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password.
network
low complexity
dell
7.5
2021-07-22 CVE-2020-5316 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability.
local
low complexity
dell CWE-427
7.8
2021-07-19 CVE-2020-5315 Insufficiently Protected Credentials vulnerability in Dell EMC Repository Manager
Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability.
local
low complexity
dell CWE-522
8.8
2021-07-19 CVE-2020-5320 SQL Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability.
network
low complexity
dell CWE-89
7.2
2021-07-19 CVE-2020-5321 Improper Input Validation vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability.
network
low complexity
dell CWE-20
7.6
2021-07-19 CVE-2020-5323 Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability.
network
low complexity
dell CWE-74
8.1
2021-07-16 CVE-2019-3752 XXE vulnerability in Dell products
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4.
network
low complexity
dell CWE-611
8.2